NAIROBI, Kenya, November 17, 2025—The government has launched investigations into a coordinated cyberattack that defaced websites of several ministries and state agencies on Monday, disrupting access to public information and raising concerns over the country’s cybersecurity readiness.
Websites belonging to the Ministries of Interior, Health, Education, Tourism, Energy, Environment and Labour were among those targeted in the Monday morning November 17 breach. Pages were replaced with extremist messages, including neo-Nazi slogans, and a signature attributed to a group identifying itself as “PCP@Kenya.” The State House website, the Immigration Department, Hustler Fund, Government Press and Nairobi County were also affected.
Interior Principal Secretary Raymond Omollo confirmed the attack and said it was detected and contained after the National Cybersecurity Cluster activated emergency response procedures. He said the government is now closely monitoring the systems as investigations continue.
“We have restored the affected websites and the matter has been fully contained. Preliminary findings indicate that the attack was orchestrated by a group calling itself ‘PCP@Kenya’,” Omollo said, warning that the perpetrators will face prosecution under the Computer Misuse and Cybercrimes Act, the Kenya Information and Communications Act and the Data Protection Act.
The PS said the incident underscores the need for stronger “layered defences” across government digital platforms and urged Kenyans to report suspicious cyber activity through the National KE-CIRT/CC, NC4 and the DCI.
Monday’s breach comes months after a separate cyber incident involving the Business Registration Service, where authorities reported unauthorised access to parts of the agency’s data. Kenya’s cyber-response agency KE-CIRT/CC has also repeatedly warned of rising attempts targeting government systems, including brute-force attacks and exploitation of vulnerable web applications.
Cybersecurity experts say the scale of the latest breach highlights persistent gaps in government digital infrastructure, calling for stronger investment in monitoring, timely patching and coordinated incident response across public institutions.
Government agencies said no personal data exposure has so far been confirmed, but investigations are ongoing to establish the full scope of the intrusion.
