The Business Registration Services (BRS) of Kenya has fallen victim to a cyberattack, resulting in the exposure of sensitive company records to the public.
The breach, which reportedly took place on the night of January 31, has sparked urgent efforts to assess the damage and contain further risks.
BRS is a key government agency responsible for managing business registrations, overseeing company ownership records, and maintaining details of directors and beneficial owners.
It also handles records of companies in financial distress through the Office of the Official Receiver. With such high-value data at stake, concerns are growing over the extent of the breach and its potential implications.
Also read: Cyber threats in Kenya surged by 27.83% in the final months of 2024
Investigations Underway
Authorities have launched an investigation following reports of unauthorized access to the company registry’s database.
In an official statement, BRS Director General Kenneth Gathuma confirmed that the agency has informed relevant authorities, including cybersecurity experts, law enforcement, and investigative bodies.
To mitigate further risks, Gathuma assured that security protocols have been reinforced to safeguard BRS systems against future threats.
Attack Details and Impact
A source familiar with the situation, speaking to Nation under anonymity, disclosed that BRS executives held emergency meetings on February 1 to assess the breach.
“We are still working to identify the perpetrators, but the nature of the breach suggests the involvement of an internal actor, potentially indicating sabotage,” the source revealed.
Although no official attribution has been made, reports confirm that stolen data is already being sold on the dark web, a platform known for illegal trade. Previously, BRS charged fees to access this information, but with the breach, company records are now freely available to unauthorized parties.
The public database used to retrieve company details is currently offline, raising concerns about whether the attackers intentionally disabled it. Additionally, with BRS managing insolvency records, fears persist that confidential financial distress data may have been compromised.
This marks the first major cyberattack on a Kenyan government institution in over a year, following the Kenya Airways data breach in late 2023, which resulted in the theft of customer records.
Authorities have ruled out ransomware as a motive, as there have been no demands for payment to restore the stolen data. Investigations remain ongoing.
Source: The Eastleigh Voice
About Author
