Nairobi, Kenya – The Kenya Revenue Authority (KRA) has announced that its official X (formerly Twitter) account, @KRACare, has been hacked and its handle changed to “StandsX”.
In a statement released on Friday, 31 October, KRA warned the public against engaging with the compromised account or responding to any of its posts.
The authority cautioned Kenyans not to share personal information or send money in response to any messages from the hijacked profile, describing them as fraudulent.
“The official @KRACare X (formerly Twitter) account has been hacked and its handle changed to ‘StandsX’.
“Members of the public are strongly warned not to engage, share personal information, or send money in response to any messages or posts from this account, as they are fraudulent,” the statement read in part.
KRA added that it has launched urgent efforts, in collaboration with X, to retrieve and secure the affected account.
The agency assured Kenyans that official communication will continue to be shared only through verified KRA platforms.
“Official updates will be shared through verified KRA communication channels,” the authority said.
KRA has urged the public to remain vigilant and to verify information shared online through its official website and verified social media pages.
What are the current cybersecurity trends in Kenya?
The breach raises fresh concerns about cybersecurity and the increasing trend of impersonation on social media, particularly involving government and corporate accounts.
The breach comes amid a growing wave of cyber fraud and impersonation across Kenya’s digital platforms.
According to the Communications Authority of Kenya (CA), Kenya detected over 2.5 billion cyber threats between January and March 2025—a 201.7% increase compared to the previous quarter.
A survey by TransUnion found that 82% of Kenyans reported being targeted by digital fraud attempts between August and December 2024, with 11% admitting they lost money.
Discussion about this post