President William Ruto’s official website was reportedly hacked on Saturday, July 18, 2026, in what appears to be the latest cyberattack targeting Kenya’s government digital infrastructure, with the attackers allegedly demanding a ransom of five Bitcoins, equivalent to approximately Ksh41.3 million, to restore access.
According to NTV Kenya, the hackers compromised the presidential website and displayed a ransom demand seeking payment in cryptocurrency before normal access to the site was disrupted. At the time of publication, State House had not issued an official statement confirming the reported ransom demand or the extent of the breach.
The reported attack has sparked fresh concerns over the security of Kenya’s critical government digital infrastructure, coming less than a year after dozens of government websites were hit by a coordinated cyberattack.
Latest reported cyberattack
The official presidential website serves as the primary online platform for State House, publishing presidential speeches, official statements, government announcements and national events.
Reports indicate that cybercriminals demanded five Bitcoins to restore access to the platform after compromising the website.
Bitcoin is a digital cryptocurrency commonly demanded in ransomware attacks because transactions are more difficult to trace than conventional financial transfers.
As of Saturday, government officials had not publicly confirmed whether any sensitive data had been compromised or whether negotiations with the attackers were underway.
Similar attacks have targeted Kenya before
The reported incident follows a major cyberattack in November 2025, when multiple government websites, including the presidency portal, ministries and several state agencies, were simultaneously compromised in a coordinated operation.
During that attack, websites belonging to the ministries responsible for Interior, Health, Education, Labour, Energy and several other government institutions were temporarily rendered inaccessible after hackers defaced their homepages.
The government later confirmed that emergency cyber response procedures had been activated and said the affected platforms were restored after the breach was contained. Authorities also launched investigations under the Computer Misuse and Cybercrimes Act.
At the time, Interior Principal Secretary Raymond Omollo attributed the attack to a group identifying itself as PCP@Kenya, while ICT authorities maintained that the incident affected website access and that no government or personal data had been lost.
Rising cyber threats
Kenya has experienced an increase in cyberattacks targeting both public institutions and private organisations in recent years.
Just last week, the Kenya Airports Authority (KAA) confirmed that it had previously suffered a ransomware-related cyber breach, although the agency said there was no significant operational impact and that no sensitive information was compromised. KAA also disclosed that the attackers had demanded a ransom, which the authority declined to pay.
Cybersecurity experts have consistently warned that ransomware attacks on governments are becoming increasingly sophisticated, with attackers often encrypting or disrupting systems before demanding payment in cryptocurrencies such as Bitcoin.
Awaiting official response
By the time of publication, neither State House nor the Ministry of Information, Communications and the Digital Economy had issued an official statement addressing the reported hacking of the presidential website.
It also remains unclear whether government cybersecurity teams have regained control of the platform, whether any public services were affected, or whether any sensitive information was accessed during the reported breach.
The incident is expected to intensify scrutiny of cybersecurity measures protecting Kenya’s critical digital infrastructure, particularly government websites that provide official communication and essential public services.
Leave a Comment