A coordinated cyberattack has disrupted multiple official websites of the Kenyan government, affecting ministries and agencies across the country, according to Citizens Digital. Key services targeted include the ministries of Health, Education, Labour, Environment, ICT, Tourism, Energy, Water, and Interior. Users reported seeing defaced pages with messages like “Access denied by PCP” and “We will rise again”.
Cybersecurity analysts in Nairobi describe the attack as highly coordinated, noting that the simultaneous breach of multiple systems points to planning rather than isolated vulnerabilities. Kenya’s growing reliance on online public services, including licensing, health, and education platforms, means the disruption has serious consequences for citizens.
As of now, no group has claimed responsibility, and the Kenyan government has not issued an official statement. The Ministry of Information, Communications and the Digital Economy has remained silent, leaving uncertainty over the breach’s scope, potential data risks, and restoration timelines.
This is not the first digital breach in Kenya. In July 2023, the state’s e-Citizen portal was attacked, affecting services at the National Transport and Safety Authority, Kenya Power, and Kenya Railways. Experts say repeated incidents highlight vulnerabilities in the nation’s digital infrastructure and the urgent need for stronger cybersecurity safeguards, rapid response systems, and transparent communication.
Public frustration is rising as citizens face difficulties accessing essential services. Analysts warn that restoration could take days or longer, depending on the depth of the intrusion and whether multiple servers were compromised. The attack underscores the risks of rapid digital expansion without sufficient investment in resilience and defence mechanisms.