Cyber attackers steal company data in breach at Business Registration Services

Cyber attackers steal company data in breach at Business Registration Services
Cyber attackers steal company data in breach at Business Registration Services - Cyber attackers have hit the Business Registration Services, resulting in sensitive information about private companies being exposed to the public. (Photo: Cybersecurity News)
Cyber attackers have hit the Business Registration Services, resulting in sensitive information about private companies being exposed to the public. (Photo: Cybersecurity News)

BRS, one of the government’s most data-rich organisations, holds sensitive details on registered companies, their owners, directors, and beneficial owners.

The Business Registration Services (BRS) has been hit by a major data breach, resulting in sensitive information about private companies being exposed to the public.

The cyberattack, believed to have taken place on the night of January 31, has left the organisation scrambling to contain the situation.

More To Read

A source familiar with the matter, who spoke to the Nation on the condition of anonymity, revealed that BRS executives spent most of Saturday, February 1, in emergency meetings discussing the breach.

“We still can’t say who is behind the breach, but it looks like the intent is sabotage because the nature of the breach looks like there was an internal actor,” the source said as quoted by the Nation.

When approached for comment, BRS Director-General Kenneth Gathuma said he was unable to provide a statement, as he was occupied with back-to-back meetings addressing the issue.

While the identity of the attacker remains unknown, reports confirm that the stolen data is already being sold on the dark web, a platform known for illegal activities.

The BRS, one of the government’s most data-rich organisations, holds sensitive details on registered companies, their owners, directors, and beneficial owners.

Before the breach, the agency charged fees to access this information, but the attack means that even non-paying individuals now have access.

The public database through which users could access such data is currently down, prompting questions about whether the attackers were responsible for disabling it.

The BRS also manages records of companies in financial distress through the Office of the Official Receiver, with fears that this sensitive information may have been compromised as well.

Under Kenya’s data protection laws, the affected organisation must assess the extent of the breach and notify those impacted.

This breach is the first major cyberattack on a government entity in over a year, following a similar incident at Kenya Airways in late 2023 that resulted in the theft of customer data.

Sources indicate that authorities have ruled out ransomware as a motive, as there have been no demands for payment to restore the stolen data.

Other Topics To Read

Top Stories Today

Reader Comments

Trending

Democratic Republic of Congo | |
Technology | |
Technology | |
Eastleigh | |
Education | |
Business | |

Latest Stories

Djibouti drone strike kills eight rebel fighters, civilians also affected
Regional | |
Kenyan midfielder Timothy Ouma signs for Slavia Prague in Sh 473M deal
Sports | |
Ruto overhauls parastatal leadership with multiple revocations
National | |
NSL: Nairobi United back on top as Ouya’s brace sinks Migori Youth
Sports | |
FKFPL: Tusker, KCB share spoils as Bandari and AFC Leopards claim vital wins
Sports | |
Abductions: State accused of silencing witnesses, families want ICC to intervene
National | |
Trump administration's funding cuts disrupt key malaria vaccine research
Health | |
Somalia implements mandatory vaccination for travellers
Somalia | |
Mbadi: Kenyans are not overtaxed, figures are being misrepresented
National | |
Africa’s 20 wealthiest individuals continue to thrive amid economic challenges
Headlines | |
482 Somali refugees stranded in Kiunga as Lamu calls for urgent support
Somalia | |
Two Tanzanian soldiers killed in DRC, defence department says
Tanzania | |

Popular Stories This Week

Two Tanzanian soldiers killed in DRC, defence department says
Amina Wako |
Business Registration Service admits data breach after cyberattack on company registry
Lucy Mumbi |
Cyber attackers steal company data in breach at Business Registration Services
Lucy Mumbi |
Eastleigh Mall managers raise concerns over frequent power blackouts
Abdirahman Khalif |
Education ministry suspends July KCSE exams following court ruling
Lucy Mumbi |
Africa’s 20 wealthiest individuals continue to thrive amid economic challenges
Lucy Mumbi |
Mbadi: Kenyans are not overtaxed, figures are being misrepresented
Lucy Mumbi |
Lt General Kahariri to act as Chief of Defence Forces following Ogolla's death
John Mbati |
FKFPL: Tusker, KCB share spoils as Bandari and AFC Leopards claim vital wins
Erick Kariuki |
CS Duale predicts Senators voting against Bill seeking to extend Ruto's term limit
Lucy Mumbi |
KICD warns parents, schools to be wary of people selling unapproved CBC textbooks
Lucy Mumbi |
Abductions: State accused of silencing witnesses, families want ICC to intervene
Lucy Mumbi |

Stay ahead of the news! Click ‘Yes, Thanks’ to receive breaking stories and exclusive updates directly to your device. Be the first to know what’s happening.