ICT Cabinet Secretary William Kabogo has assured Kenyans that there is no cause for alarm after several State websites were briefly compromised on Monday.
The CS said the breach did not expose or alter any government data and that the ministry moved to contain the situation.
Speaking from Baku, Azerbaijan, where he is attending the World Telecommunications Development Conference, CS Kabogo described the incident as a simple Zero-Day attack.
The CS said that hackers only managed to divert domain names.
“It was just a simple Zero-Day attack, meaning it had happened for the first time, and it’s only the domain names that were directed to the hackers. So, really, we haven’t lost any data. We have not had any data compromise,” he said.
“We’re on top of staff, most of the sites are up and running,
so there is nothing to worry about. These things do happen, but we’re on top of
stuff as a ministry.”
On Monday, some government websites were taken down by hackers, affecting public services across different ministries.
"Access denied by PCP", "We will rise again," "White power worldwide", and "14:88 Heil Hitler" are some of the messages one is confronted with while accessing some of the platforms.
After a few hours, Interior PS Raymond Omollo confirmed the incident, saying websites were restored and the situation fully contained.
Omollo said the breach temporarily rendered several state websites inaccessible, adding that preliminary findings show the attack was carried out by a group calling itself “PCP@Kenya.”
Omollo said emergency response procedures were activated immediately after the disruption.
According to him, technical teams worked with stakeholders to stabilise the situation and restore affected platforms.
“The Government of Kenya wishes to notify the public that on November 17, 2025, a cybersecurity incident occurred in which several government websites were rendered temporarily inaccessible. Preliminary investigations indicate that the attack is suspected to have been carried out by a group identifying itself as ‘PCP@Kenya’,” the PS said.
“Following the incident, we immediately activated our incident response and recovery procedures, working closely with relevant stakeholders to mitigate the impact and restore access to the affected platforms. The situation has since been contained, and the systems are under continuous monitoring.”
The PS said that efforts are underway to strengthen defences to prevent similar incidents by ensuring that cyber threats are detected early, contained quickly, neutralised decisively, and their impact minimised.
The PS described the breach as a violation of Kenyan law and relevant international conventions.
Those responsible, the PS warned, will face prosecution under the Computer Misuse and Cybercrimes Act, the Kenya Information and Communications Act, and the Data Protection Act.
Omollo, who is also the chairman of the National Computer and Cybercrimes Coordination Committee, assured the public of the state’s commitment to protecting national digital infrastructure.
