Kenya restricted access to the president's website after its ICT Authority detected a cybersecurity incident, activated response protocols and began an investigation, confirming an event at an important public site without establishing compromise of the whole government network. [1]
The government said restoration and forensic work were under way and reported no evidence at publication that sensitive data had been accessed, removed or lost, but that assurance is a timestamped official claim rather than an independent audit or a promise about what later log analysis will find. [1]
The visible prominence of a presidential website invites a larger story than the evidence supports, since a restricted page can reflect containment rather than a continuing outage, an incident can remain in the public web layer without reaching internal records or operational systems, and restoration cannot prove every access path identified and closed.
No verified X post was recovered, so actor attribution and government-wide compromise remain unobserved frames while the open forensic questions concern the vulnerability used, any logged movement beyond the website, the timing of full restoration and the review authorities will publish.
Kenya has therefore confirmed detection, containment and investigation but not sensitive-data exposure, exfiltration, wider network compromise or responsibility, all of which are separate findings that require separate evidence rather than inference from the site's visibility.
-- AMARA OKONKWO, Lagos