In a major cybersecurity breach, the company responsible for business registration in Kenya, the Business Registration Service (BRS), has been hacked, exposing sensitive data of thousands of businesses and high-profile individuals across the country. The breach, which was discovered on Friday, has triggered concerns over the vulnerability of personal and corporate information in Kenya’s growing digital landscape.
The hack, believed to have occurred earlier this week, has compromised a significant amount of private data, including business registration details, financial records, and the personal identification information of company directors. Among those affected are some of Kenya’s most prominent figures, including former President Uhuru Kenyatta, President William Ruto, and former Interior Cabinet Secretary Fred Matiang’i.
Multiple sources within the government and cybersecurity agencies have confirmed that the hackers accessed personal records tied to these individuals, which include their business dealings, directorships, and financial transactions linked to companies they are associated with.
“The breach of such high-profile data has raised the stakes considerably, as it not only jeopardizes the privacy of key political figures but also exposes potential vulnerabilities in Kenya’s broader digital infrastructure,” said a cybersecurity expert familiar with the investigation.
For example, the business registration records of companies owned or connected to the Kenyatta family were accessed, which reportedly include details on several entities with ties to the former president. Similarly, data related to President Ruto’s investments, both in the private sector and through companies linked to his political career, was also exposed.
Fred Matiang’i, a former Interior Cabinet Secretary, is reported to be among those whose information was compromised, with business dealings and directorship roles linked to his name being accessed.
While the hackers have not yet publicly released the data, the exposure of such sensitive information has sent shockwaves through the business and political communities. The breach also raises alarms about the security of Kenya’s evolving digital platforms, which are increasingly used for government services, financial transactions, and corporate dealings.
In response to the breach, BRS officials have assured the public that they are working diligently with cybersecurity experts and law enforcement agencies to contain the situation and prevent further unauthorized access. “We are taking swift action to secure our systems and mitigate any further risk to the data of our clients and partners,” said the BRS managing director in a statement.
The Kenyan government has also acknowledged the gravity of the situation, with President William Ruto’s administration vowing to invest heavily in strengthening the country’s cybersecurity infrastructure. “This is a wake-up call for us all. We will enhance our cybersecurity measures to protect both our public and private sectors,” a government spokesperson said.
The breach has raised questions about the safety of digital records and the need for better safeguards to protect high-profile individuals and ordinary citizens alike. Cybersecurity experts have urged business owners and citizens to be vigilant and proactive in securing their data.
“Our cybersecurity experts are working closely with our cybersecurity partner, law enforcement, and investigative agencies to assess the scope of the incident, determine any potential impact, and implement necessary containment and mitigation measures,” BRS Director General Kenneth Gathuma said in a statement on Sunday adding that investigations are underway. “Once the investigation is complete, we will provide an update and directly engage with any affected parties,” he assured.
With investigations ongoing, the government has asked all affected businesses to report any unusual activity, and customers are being urged to remain cautious of potential identity theft or fraud. Authorities are also calling for those who may have information on the breach to come forward as they work to track down the perpetrators.
As Kenya continues to digitize its services and infrastructure, the hack serves as a reminder of the importance of cybersecurity in protecting sensitive information. With new revelations likely to emerge, all eyes will be on how Kenya strengthens its defenses to prevent future attacks.