The Business Registration Service (BRS) has assured Kenyans that the security and integrity of its registry remain the company’s top priority.
BRS acknowledged reports of a potential data breach affecting the company registry and confirmed that an investigation is underway.
“Upon receiving this information, we immediately activated our Incident Response Plan, launched a comprehensive investigation, and notified the relevant regulatory authorities,” BRS Director-General Kenneth Gathuma said in a statement on Sunday.
This follows reports that BRS has allegedly suffered a major data breach, exposing sensitive information about private companies to the public.
The agency stated that it has implemented precautionary measures to strengthen security protocols, safeguard its systems, and prevent future incidents.
BRS cybersecurity experts are collaborating with a cybersecurity partner, law enforcement, and investigative agencies to assess the scope of the breach, determine its potential impact, and implement necessary containment and mitigation measures.
“At this stage, we are still verifying the details of the alleged breach, including the nature and extent of any compromised data,” BRS stated.
“Once the investigation is complete, we will provide an update and directly engage with any affected parties.”
The cyberattack, believed to have occurred on the night of January 31, has left the organization scrambling to contain the situation.
“BRS remains fully committed to addressing this matter with transparency and diligence,” the agency added.
“We appreciate the patience and cooperation of all affected parties as we work towards a resolution. For further updates, please visit our official channels.”
The development has caused jitters among Kenyans with sensitivity data at BRS.
BRS, one of the government’s most data-rich organizations, holds sensitive details on registered companies, their owners, directors, and beneficial owners.
