Editor's Review

The hackers demanded to be paid a ransom of Ksh41 million.

Information and Communication Technology (ICT) Cabinet Secretary William Kabogo has confirmed a cyber attack on the President William Ruto's official website.

In a statement issued on Saturday, July 18, CS Kabogo stated that a team had been deployed to address the alleged hacking.

The official presodential website, president.go.ke, was inaccessible from the early hours of Saturday morning.

"The responsible Agencies that protect websites are on top of stuff," the ICT boss responded.

The alleged hackers had taken over the website and deleted all the content on the website. They then posted negative content about President Ruto and his administration.

A file photo of ICT CS William Kabogo.

Preliminary reports indicate that the hackers demanded to be paid a ransom of 5 Bitcoins worth approximately Ksh41 million to hand over the website back to the government.

The suspected hackers demanded that tge payment be made through a cryptocurrency account and threatened to expose classified information to the public.

"This message is the third time for you; before we leak everything about you. Do a payment of 5 bitcoins to the Bitcoin wallet. If you want peace before 6 o’clock this evening," the defaced homepage read.

Earlier State House confirmed it was aware of the hack and said its ICT team was handling the matter.

Kenyans raised concerns about the government's ability to adequately prevent and address cyber security attacks given that they failed to secure the Presidential website.

Among other concerns raised were about the safety of Kenyan's persondata contained in multiple state agencies includjng eCitizen, the Social Health Authority (SHA) and the National Transport ans Safety Authority (NTSA).

The incident happened a few months after unknown hackers gained unauthorised access to several government websites in November 2025.

Interior Principal Secretary Raymond Omollo revealed that a group identified as PCP@Kenya was responsible for the cyberattack that rendered multiple government websites inaccessible.

PS Omollo stated that the attack had been contained and recovery efforts are underway to restore full accessibility to the affected platforms.

"This is to notify the general public that the situation has been contained and that the Government is monitoring the situation. However, members of the public are advised to take necessary precautions, remain vigilant and report any suspicious cyber threat activity to the National KE-CIRT, NC4 and DCI," the government said.