The Government of Kenya has confirmed that a major cyberattack left several key government websites temporarily inaccessible on Monday, November 17, 2025. The affected sites included ministries and state agencies responsible for Health, Education, Labour, Environment, ICT, Tourism, State House, and Interior.

According to a press statement issued by Principal Secretary Raymond Omollo, the State Department for Internal Security and National Administration activated incident response and recovery procedures immediately after detecting the attack. Omollo said the situation has now been contained, and the affected websites are under continuous monitoring.

“The Government of Kenya wishes to notify the public that on 17th November 2025, a cybersecurity incident occurred in which several government websites were rendered temporarily inaccessible,” the statement read.

The breach disrupted access to essential online services, leaving citizens and businesses unable to obtain information or complete transactions.

Users attempting to access the affected platforms encountered error messages, while some websites had been defaced with disturbing messages, including “Access denied by PCP”, “We will rise again”, “White power worldwide” and “14:88 Heil Hitler”.  The attackers also embedded a link to a Telegram channel.

Several state departments were also affected, including the Immigration Department, the Directorate of Public-Private Partnerships, the Directorate of Criminal Investigations (DCI), and the State House website. The Hustler Fund, the Immigration State Department, and the Government Press websites were among other platforms disrupted.

Key services remain functional

Despite the attack, some government services continued to operate normally. Spot checks show that eCitizen, the National Transport and Safety Authority (NTSA), the Judiciary, the Kenya National Examinations Council (KNEC), and the National Police Service remained accessible. Ministries such as Defence and Treasury were reportedly not affected.

Omollo reassured the public that the government remains committed to securing its digital infrastructure and strengthening cyber resilience.

He urged both the public and institutions to remain vigilant and report any suspicious cyber activity through designated channels, including the National Kenya Computer Incident Response Team & Coordination Centre (National KE-CIRT/CC), the National Computer and Cybercrimes Coordination Committee (NC4), and the Directorate of Criminal Investigations (DCI).

The press statement also highlighted that the attack violates Kenyan law and international conventions, including the Computer Misuse and Cybercrimes Act, the Kenya Information and Communications Act, and the Data Protection Act. Individuals responsible for the breach will face legal action.

The government has stated that its focus is on building layered defences, improving readiness, and ensuring that future attempts are detected early, contained quickly, and neutralised effectively.

Cybersecurity incidents of this nature are not new. In 2023, government websites were targeted in a similar attack, which was later claimed by a Sudanese hacker group. At the time, the group said the attacks were retaliatory, accusing Kenya of interfering in Sudanese affairs.