BRS Director General Kenneth Gathuma. Photo | Courtesy.
The Business Registration Service (BRS) has said that the company registry was breached exposing companies’ sensitive information.
In a statement issued on Sunday, February 2, 2025, BRS Director General Kenneth Gathuma confirmed that investigations are underway to determine the nature and extent of the breach.
“Our cybersecurity experts are working closely with our cybersecurity partner, law enforcement, and investigative agencies to assess the scope of the incident, determine any potential impact, and implement necessary containment and mitigation measures,” Gathuma stated.
As the custodian of Kenya’s company registry, BRS holds critical data on all registered businesses, including company names, directors’ and shareholders’ details, business activities, physical addresses, contact information, and registration dates.
The agency is currently verifying the specifics of the alleged breach to understand the nature and extent of any compromised data.
READ: Kenya’s Rising Cyber Threats: Why Securing the Digital Economy Is Now an Urgent Priority
In response to the incident, BRS has proactively strengthened its security protocols to safeguard its systems and prevent future breaches. Gathuma emphasized the agency’s commitment to addressing the matter with transparency and diligence.
“As a precautionary measure, we have strengthened our security protocols to safeguard our systems and prevent future incidents. The Business Registration Service remains fully committed to addressing this matter with transparency and diligence,” Gathuma said.
The BRS urges all stakeholders to remain vigilant and report any suspicious activities related to company data. Further updates will be provided as the investigation progresses.
