-1762322924.jpg)
The government has revealed that a group identified as PCP@Kenya was responsible for the cyberattack that rendered multiple government websites inaccessible on Sunday, November 17, 2025.
According to a statement signed by PS Raymond Omollo, the State Department for Internal Security and National Administration confirmed that the attack has been contained and recovery efforts are underway to restore full accessibility to the affected platforms.
"The Government of Kenya wishes to notify the public that on 17th November 2025, it experienced a cybersecurity incident where various government websites were rendered inaccessible. The attack is suspected to have been carried out by a group identified as PCP@Kenya," the statement read.
In response to the incident, the government immediately activated its cybersecurity protocols, mobilizing various stakeholders to mitigate the impact of the attack and restore normal operations.
"The Government initiated its incident response and recovery efforts, supported by various stakeholders, to mitigate the effects of the incident and restore accessibility to the affected websites," PS Omollo stated.
Read More
The statement confirmed that the situation has now been brought under control, with authorities actively monitoring the digital landscape to prevent further breaches.
"This is to notify the general public that the situation has been contained and that the Government is monitoring the situation. However, members of the public are advised to take necessary precautions, remain vigilant and report any suspicious cyber threat activity to the National KE-CIRT, NC4 and DCI," the government said.
The cyberattack, which occurred earlier on Monday, left several key government ministry websites paralyzed for hours, disrupting access to essential online services for citizens and businesses alike.
Among the ministries affected by the breach were the Ministries of Interior, Health, Education, Energy, Tourism, Labour, and Water. Users attempting to access these platforms were met with error messages and were unable to conduct any transactions or access information.
The hackers defaced the compromised websites with disturbing messages, displaying phrases including "Access denied by PCP", "We will rise again", and "White power worldwide". Some of the defaced pages also contained extremist references and controversial statements such as "14:88 Heil Hitler", "You are being lied to", and claims that "ABSA is working with us, so are your politicians".
Additionally, the attackers embedded a link to a Telegram channel that had accumulated over 150 subscribers at the time of the breach.
The government has warned that those behind the attack will face severe legal consequences for their actions, which constitute violations of multiple national and international laws.
"This attack is in breach of Kenya and other international laws and conventions including the Computer Misuse and Cybercrimes Act, the Kenya Information and Communications Act and the Data Protection Act and those found culpable shall face the full force of the law," the statement emphasized.
Despite the breach, the government has reassured the public of its unwavering commitment to strengthening the country's digital infrastructure and protecting it from future threats.
"Further, the Government wishes to assure the public that it remains committed to the national digital transformation agenda and the security of the national digital infrastructure. The Government continues to strengthen its cyber resilience capabilities and capacity, including working with the private sector and other stakeholders," PS Omollo stated.
