Hackers target several government websites, temporarily take over presidency portal
The cybersecurity breach on government websites was confirmed by Interior PS Raymond Omollo, who pointed an accusing finger at PCP@Kenya.
Several government websites, including president.go.ke, the official site of the presidency, were hacked on Monday and rendered inaccessible.
Other websites affected include those belonging to ministries of Interior, Energy, Labour, Health and Education. At the same time, several state departments were also inaccessible for the better part of Monday, with the Immigration Department, the Directorate of Public-Private Partnerships and the Directorate of Criminal Investigations (DCI) among those affected. Additionally, the Hustler Fund, the Government Press and Nairobi City County were also affected by the cyber attack.
The attackers made the websites inaccessible and defaced the pages by replacing legitimate information with other text. Attempts by users to log on to the websites were met by messages that read: "Access denied by PCP", "We will rise again", "White power worldwide", and "14:88 Heil hitler."
A screengrab of the president.go.ke website taken during the hack on November 17, 2025.
However, websites of institutions like eCitizen, the National Transport and Safety Authority (NTSA), Judiciary, the Kenya National Examinations Council (Knec) and the National Police Service were not affected by the attack. Defence and Treasury were also unaffected.
in a statement, Interior PS Raymond Omollo accused a group - PCP@Kenya - of being behind the hack.
"This is to notify the general public that the situation has been contained and that the government is monitoring the situation. However, members of the public are advised to take necessary precautions, remain vigilant and report any suspicious cyber threat activity to the National KE-CIRT, NC4 and DCI," a statement from the PS said.
Kenya has in recent years invested heavily in digitising services, making online platforms a central point of public access and a tempting target for hackers.
The government said the intrusion violated several laws, including the Computer Misuse, Cybercrimes and Data Protection Act. It warned that those behind the breach would face prosecution once identified.
“Those found culpable shall face the full force of the law,” PS Omollo said.
Previous attacks
This isn't the first time State-owned websites have been compromised by hackers. In July 2023, the government suffered a high profile cyber attack on the eCitizen platform which saw access to more than 5,000 government services from ministries, county governments and agencies paralysed.
A Sudanese hacker group later claimed responsibility, saying they had taken down a number of Kenyan websites, including several major companies, to protest what they described as Kenya's interference in Sudan’s affairs.
Statements posted by the hacker claimed the attacks were retaliatory. At the time, the then ICT Cabinet Secretary Eliud Owalo said no data was lost during the attack.
According to the Communications Authority of Kenya (CA), the period between July and September saw 842 cyber threat events. Most of the attacks exploited system vulnerabilities.
"The detected cyber threats can be attributed to several factors including inadequate system patching, limited user awareness of threat vectors such as phishing and other social engineering techniques. They can also be attributed to the growing adoption of AI-driven attacks and machine learning technologies by malicious actors," said David Mugonyi, the CA Director-General.
A January 2023 report by CA shows that the most targeted industries in Kenya by hackers are financial services, healthcare, education, energy and utilities, as well as government agencies.
