Photo Credit: Getty Images
Several Kenyan government websites went offline after a coordinated cyberattack that hit multiple ministries and state agencies. Local outlets reported that official pages across a wide range of departments were either inaccessible or visibly altered. The breach raised fresh concerns about the security of public digital services at a time when many essential functions depend on online platforms.
According to initial checks, the attack struck ministries that handle some of the most widely used services in the country. These included Health, Education, Labour, Environment, ICT, Tourism, Energy, Water, and Interior. Many of the affected pages either failed to load or displayed distorted content when visitors attempted to access them. What stood out most was the defacement, where legitimate information was replaced with unauthorised messages and visuals.
Users trying to open the compromised websites encountered phrases such as “Access denied by PCP” and “We will rise again.” These statements were placed prominently on the affected pages, along with other messages that did not appear in any official communication. The sudden appearance of these texts suggested that the attackers not only gained access but were able to overwrite public facing content in a way meant to cause disruption and confusion.
As of the time the incident was reported, no group had publicly taken responsibility for the attack. Government officials had also not released any statements addressing the extent of the breach, the method used, or how long recovery might take. This silence left many citizens unsure about the status of essential services that rely on the affected platforms.
This is not the first time Kenyan government systems have faced a major cyber incident. In July 2023, the digital service portal e Citizen suffered a significant attack that disrupted several key services. That earlier incident affected the National Transport and Safety Authority, the Kenya Power and Lighting Company, and Kenya Railways. It also prompted questions about the protection of sensitive personal information stored within government systems.
The latest attack will likely renew calls for stronger safeguards across public websites and databases. As Kenya expands its digital infrastructure and moves more services online, the risks of large scale intrusions become more pressing. Cybersecurity experts have long warned that public institutions need clear strategies, regular system updates, and round the clock monitoring to defend against well coordinated threats.
For now, the full extent of the damage remains unclear. What is clear is that the disruption reached several critical points in the government’s digital network. Restoration efforts are expected to continue as authorities work to identify the source of the breach and strengthen vulnerable systems to prevent future incidents.