A 20-year-old Mt Kenya University (MKU) student is facing serious charges after being accused of hacking Sidian Bank systems and stealing more than KSh 7.8 million. Prosecutors allege that Collins Mutuma, a Bachelor of Education (Science) student, conspired with others still at large to siphon millions from customer accounts into his personal bank account.
The student, who appeared calm during his arraignment before Milimani Chief Magistrate Lucas Onyina, denied the charges and claimed he was unfairly linked to a sophisticated cybercrime operation. He was released on a KSh 200,000 cash bail pending trial.
Inside the Hacking Sidian Bank Case
According to prosecutors, Mutuma and his unidentified accomplices executed a calculated digital heist targeting Sidian Bank’s internal systems on January 11, 2025. Investigators say the group unlawfully transferred KSh 7,882,845 from multiple customer accounts into Mutuma’s Diamond Trust Bank (DTB) account.
Court documents revealed that one of the affected accounts belonged to a customer named Peninah Karoki, who lost KSh 471,302. The funds, authorities claim, were quickly moved through several channels to conceal their origin, a tactic commonly used in cyber fraud and money laundering cases.
The prosecution told the court that Mutuma later transferred KSh 300,000 to one Dominic Gichiri Kagwina, and another KSh 169,000 to an M-Pesa number registered under Samuel Mukola Matheka. These transactions, they argued, were part of an elaborate attempt to clean the stolen funds and throw investigators off the trail.
Court Hears How the Student Executed the Cyber Heist
The charge sheet read in court painted a detailed picture of how the young student allegedly participated in the cyberattack. It stated that on the day of the incident, Mutuma, “jointly with others not before the court,” conspired to defraud Sidian Bank by unlawfully siphoning funds from various accounts.
The prosecution insisted that the hacking was deliberate, involving unauthorized access to Sidian’s financial systems. The group allegedly manipulated the internal transfer mechanisms to reroute funds into accounts they controlled.
Investigators from the Directorate of Criminal Investigations (DCI) Banking Fraud Unit traced the stolen cash to Mutuma’s DTB account. From there, the funds were distributed to different people and mobile money accounts in what appeared to be a coordinated laundering operation.
Prosecutors told the court the cyber theft resembled other high-tech financial crimes that have recently targeted Kenyan banks, involving skilled hackers who exploit weak security systems and insider assistance.
Mutuma’s Defense and Court Ruling
Standing before Magistrate Onyina, Mutuma firmly denied all charges, saying he was a victim of mistaken identity. His lawyer argued that investigators rushed to charge him without substantial digital evidence linking him directly to the hack.
He faced three main counts — conspiracy to defraud, stealing, and acquisition of proceeds of crime. The prosecution maintained that the digital trail, bank transfers, and phone records all pointed to his involvement in the fraudulent transactions.
The court granted the accused a KSh 200,000 cash bail with one contact person. A pre-trial mention is set for November 3, 2025, where both sides will present further evidence.
Magistrate Onyina reminded the student to comply with the court’s terms and refrain from contacting any witnesses connected to the case. “The accused is granted a cash bail of KSh 200,000 with one contact person; the pre-trial will be on November 3,” he ruled.
Kenya’s Rising Cybercrime Problem
The MKU student’s arrest highlights Kenya’s growing struggle with cybercrime targeting banks and digital financial platforms. Over the past two years, financial institutions have suffered millions in losses due to hackers exploiting loopholes in digital systems.
In a related case, detectives arrested a 26-year-old former Meru University student in Tatu City for allegedly hacking into a payment service provider linked to a betting firm and stealing KSh 11.4 million. The suspect reportedly bypassed advanced security systems and rerouted the funds before being tracked down by DCI’s Banking Fraud Investigations Unit.
Cybersecurity experts warn that the increase in digital financial crimes is partly due to weak online security frameworks, insider collusion, and the growing sophistication of tech-savvy criminals. Kenyan banks are now being urged to enhance system monitoring and staff training to prevent future breaches.
What Lies Ahead for the Accused
Collins Mutuma’s case will be closely watched by both the public and the banking sector. If found guilty, he faces years in prison and the possibility of forfeiting any assets linked to the stolen money.
His trial also underscores the evolving nature of cybercrime in Kenya—a threat that increasingly involves young, educated individuals with advanced computer skills.
While Mutuma maintains his innocence, investigators believe they have strong digital and financial evidence against him. The outcome of this case will likely set a precedent for how courts handle similar technology-driven financial crimes in the future.
