A coordinated cyberattack on 17 November 2025 temporarily disrupted several Kenyan government websites, exposing vulnerabilities in the country’s digital infrastructure and prompting urgent incident-response measures.
The affected platforms included websites belonging to key ministries such as Interior, Health, Education, Tourism, Labour, ICT, Environment, and Water, alongside agencies including State House, the Immigration Department, the Hustler Fund, and the Nairobi City County website. Users attempting to access these pages were instead met with extremist slogans and defaced content attributed to a group calling itself “PCP@Kenya.”
The defacement included phrases such as “Access denied by PCP,” “We will rise again,” and the neo-Nazi slogan “14:88 Heil Hitler.” Some pages also displayed embedded links directing users to external platforms. The messaging raised concerns about the nature of the attack, its motivation, and the group’s origins.
Government systems responded quickly. Interior Principal Secretary Dr. Raymond Omollo confirmed that cybersecurity teams launched immediate containment protocols once the breach was detected. “We activated our incident-response mechanisms the moment the intrusion was identified, and the situation has been fully contained,” he said. He added that the government is strengthening its cybersecurity architecture to ensure “early detection, swift containment, and decisive neutralization of threats.”
Officials noted that the intrusion violated multiple national cybersecurity laws, including the Computer Misuse and Cybercrimes Act and the Data Protection Act. Omollo warned that the government is pursuing those responsible: “Anyone behind this cyberattack will face the full force of the law.”
ICT Cabinet Secretary William Kabogo issued a separate assurance to the public, emphasizing that no government or citizen data had been compromised. “No personal or government data was accessed, altered, or stolen. Our technical teams acted promptly to restore the affected platforms and secure the systems,” he stated. Kabogo reported that all the affected websites were restored and placed under round-the-clock monitoring.
Authorities encouraged the public to remain alert for suspicious online activity and report incidents to established cybersecurity hotlines such as the National KE-CIRT/CC and the Directorate of Criminal Investigations.
The attack underscores rising global cyber threats and the need for governments—including Kenya—to invest more deeply in digital resilience, incident-response capacity, and continuous security audits. As digital services expand, the pressure to secure national infrastructure continues to grow.
Court lifts halt as nationwide recruitment of police constables proceeds despite ongoing petitions
