KRA issues urgent warning to Kenyans after its X account is hacked
By Steve Ireri, October 31, 2025The Kenya Revenue Authority (KRA) has issued an urgent warning to the public after its official X (formerly Twitter) account, @KRACare, was hacked and its handle changed to “StandsX.”
In a statement shared on its corporate X account on Friday, October 31, 2025, the authority cautioned Kenyans against engaging with any messages, posts, or requests from the compromised account, emphasising that any attempt to share personal information or send money would be fraudulent.
“The official @KRACare X (formerly Twitter) account has been hacked and its handle changed to “StandsX”. Members of the public are strongly warned not to engage, share personal information, or send money to any messages or posts from this account, as they are fraudulent,” KRA wrote.
In the statement, KRA confirmed that the breach was being addressed in collaboration with X to retrieve and secure the account.
The authority assured the public that all official updates will continue to be shared only through verified KRA communication channels, including their Facebook page and WhatsApp line.
“The Kenya Revenue Authority (KRA) has launched urgent efforts in collaboration with X to retrieve and secure the official account. Official updates will be shared through verified KRA communication channels. You can still reach us on Facebook https://facebook.com/KRACare, or via WhatsApp 0711099999. Thank you,” KRA added.
The hack comes amid a rise in cybercrime targeting government and corporate social media accounts.
The KRA breach comes just months after the Directorate of Criminal Investigations (DCI) confirmed it had successfully reclaimed control of its official Facebook and X accounts following a brief takeover by cybercriminals in February 2025.
During that incident, hackers posted misleading content, which the DCI dismissed as false, and a full investigation was launched to identify and prosecute those responsible.
In a statement on February 9, 2025, DCI confirmed that a thorough investigation had been launched to identify and hold the perpetrators accountable.
“For some moments this evening, we experienced a cyber-attack on the DCI digital platforms (X and Facebook) but have since regained full control. A scrupulous interrogation into the criminal activity has been activated to bring to book the perpetrators,” the DCI wrote.