NAIROBI, Kenya — The government has issued a public advisory following a cyberattack that rendered multiple government websites inaccessible on Monday, in what officials describe as a coordinated intrusion by a group identifying itself as PCP@Kenya.
In a statement released by Dr. Raymond Omollo, Principal Secretary for Internal Security and National Administration, the government confirmed that the incident occurred on 17 November 2025, affecting several online government platforms.
Authorities said immediate incident-response measures were activated in collaboration with cybersecurity agencies and other stakeholders to contain the breach.
According to the statement, the situation has since been stabilised, with access to affected websites gradually being restored.
However, the government urged the public to remain vigilant and report any suspicious online activity.
Members of the public were specifically instructed to channel all cyber-threat reports to the National KE-CIRT, the National Computer and Cybercrimes Coordination Committee (NC4), and the Directorate of Criminal Investigations (DCI).
The State Department warned that the attack violates Kenyan and international cybercrime laws, including the Computer Misuse and Cybercrimes Act, the Kenya Information and Communications Act, and the Data Protection Act, adding that those responsible will face prosecution.
Despite the breach, the government reaffirmed its commitment to safeguarding Kenya’s digital infrastructure and advancing the national digital transformation agenda.
Officials say efforts to strengthen cybersecurity resilience—through enhanced capacity, private-sector partnerships, and tighter monitoring—are ongoing.
In an era defined by a disruptive digital shift, Kenya faces rising cyber threats ranging from online scams, SIM-swap fraud to attacks on critical systems and acts of digital cruelty that undermine dignity.Even as we modernize public services under the Bottom-Up Economic
