NAIROBI, Kenya Feb 3 – The government has confirmed a major data breach at the Business Registration Service (BRS), potentially exposing sensitive information on millions of companies.
The cyberattack, believed to have occurred on the night of January 31, has raised serious concerns over data security, prompting urgent containment efforts.
In a statement on Sunday, BRS Director General Kenneth Gathuma said investigations are underway.
“Our cybersecurity experts are working closely with our cybersecurity partner, law enforcement, and investigative agencies to assess the scope of the incident, determine any potential impact, and implement necessary containment and mitigation measures,” Gathuma said.
He added that the agency is still verifying the extent of the breach, including the nature of any compromised data.
“Once the investigation is complete, we will provide an update and directly engage with any affected parties,” he assured.
As the sole custodian of Kenya’s company registry, BRS holds critical data on all registered businesses, including company names, directors’ and shareholders’ details, business activities, physical addresses, contact information, and registration dates.
“As a precautionary measure, we have strengthened our security protocols to safeguard our systems and prevent future incidents. The Business Registration Service remains fully committed to addressing this matter with transparency and diligence,” Gathuma said.
Leave a Reply