The Government of Kenya, through the State Department for Internal Security and National Administration, has confirmed a major cybersecurity breach that temporarily disrupted access to several critical government websites on Monday, November 17.
In a public press release dated November 17, 2025, Interior PS Raymond Omollo stated that the attack is suspected to have been carried out by a group identified as PCP@Kenya.
The PS added that the attack intrusion rendered multiple government portals inaccessible for hours, prompting an urgent incident response led by the National Computer and Cybercrimes Coordination Committee (NC4).
The government has since restored services and assured citizens that the situation is under control.
“The Government initiated its incident response and recovery efforts, supported by various stakeholders, to mitigate the effects of the incident and restore accessibility.”
While PS Omollo did not disclose the exact number of affected websites, sources within the ICT sector indicated that platforms handling public services and administrative functions were among those hit.
The attackers reportedly exploited vulnerabilities in web servers, causing widespread downtime and disrupting access to essential information.
The Interior PS also warned of the consequences of such criminal acts and vowed that those found culpable shall force the full force of the law.
“This attack is in breach of Kenya and other international laws and conventions including the Computer Misuse and Cybercrimes Act, the Kenya Information and Communications Act and the Data Protection Act and those found culpable shall face the full force of the law.”
The government urged citizens to remain vigilant and report suspicious online activity.
“Members of the public are advised to take necessary precautions, remain alert, and report any cyber threat activity to KE-CIRT, NC4, or the DCI.”
PS Omollo reaffirmed the government’s commitment to securing digital infrastructure, noting ongoing collaborations with private sector players and international partners to bolster defenses.
“Further, the Government wishes to assure the public that it remains committed to the national digital transformation agenda and the security of the national digital infrastructure. The Government continues to strengthen its cyber resilience capabilities and capacity, including working with the private sector and other stakeholders.”
Investigations are ongoing under the Directorate of Criminal Investigations (DCI), with support from the National KE-CIRT Coordination Centre and NC4.
Kenya’s National Digital Transformation Agenda
The breach comes at a time when Kenya is aggressively pursuing its national digital transformation agenda, a strategy aimed at digitizing government services, improving efficiency, and expanding access to citizens.
Also Read: Ruto’s State House Spends Over Ksh6 Billion in Just 4 Months
This initiative includes streamlining services such as tax filing, identity registration, and licensing through secure online portals.
The initiative also looks to improve cybersecurity infrastructure by building robust defenses to protect sensitive data and maintain public trust in digital systems.
It also involves collaborating with technology firms and global partners to enhance capacity and share best practices.
The national digital transformation agenda also enforces compliance with the Data Protection Act and other cyber laws to safeguard personal and institutional data.
Also Read: Chinese Embassy in Kenya Issues Statement Over Chinese National Seen Assaulting Kenyan Worker
As investigations progress, policymakers face mounting pressure to accelerate cybersecurity reforms, enforce compliance audits, and allocate more resources for cyber defense.
The breach serves as a reminder that digital transformation must be matched by robust security measures.
Government websites are back online, but the attack has sparked a national conversation on preparedness in an era where cyber threats are evolving rapidly.
Follow our WhatsApp Channel and X Account for real-time news updates.
