This archive report was first published on 4 July 2019.
Safaricom System Glitch Raises Security Concerns ¶
On 28 June, a system malfunction at Safaricom's headquarters enabled customers to acquire data bundles free of charge, with some customers acquiring up to 64 GB of data.
The glitch was quickly detected and rectified by Safaricom, but it was not the first time the company has experienced a system failure. In a recent data breach, Safaricom was sued for Sh115 trillion for breaching the data of 11.5 million customers.
The data breach, which was exposed in court, contained specific identifying details of subscribers, including full names, mobile phone numbers, gender, age, identity numbers, passport numbers, and the total amounts gambled.
Two Safaricom ICT employees, Simon Billy Kinuthia and Brian Njoroge, were charged in court for trying to obtain Sh300 million from the company by transferring privileged information on a subscriber from the company's database and sharing it with an unauthorized person.
On 3 July, another disaster struck Safaricom when its Twitter account posted unusual and offensive tweets, attacking government officials and a digital strategist. The tweets were later deleted, but not before screenshots were taken by affected users.
Safaricom apologized for the incident, stating that it was a system glitch that had been rectified. However, the incident has raised security concerns about the company's system and the security of its customers' data.
Investigations are underway to determine the cause of the glitch, with speculation that it may have been caused by a disgruntled ex-employee or a hacker. The incident has also raised questions about the security of Safaricom's system and the mechanisms in place to prevent similar problems.