Business Registration Service says its probing alleged data breach

In a statement, BRS Director General Kenneth Gathuma noted that they have since notified the relevant authorities including cyber security experts, law enforcement and investigative agencies.

Gathuma added that they have also strengthened their security protocols to safeguard the systems and prevent a re-occurrence in future.

 “At this stage, we are still verifying the details of the alleged breach, including the nature and extent of the compromised data,” said Gathuma.

He added that BRS will issue and update and engage with the affected parties directly once investigations are complete, amid concerns over existing personal data auctioned on the dark web.

“We want to assure all stakeholders that the security and integrity of the company registry remain our top priority,” he stated.

In 2021 the government, through the BRS, undertook a clean-up of the business registry.

The cleanup process involves unverified registered businesses covered as all businesses registered before December 2016.

The proprietors of the businesses were allowed to amend their registration number, company name, share structure details, directors and shareholders as well as residential addresses.

Such information, some fear, could land in the hands of malicious actors, leading to identity theft, fraud, or other forms of financial crime.