Cyber Incident Victim: National Oil Corporation of Kenya

On May 30, 2016, the World Hacker Team (WHT), a subgroup of the Anonymous collective, publicly leaked a database dump obtained from a survey management content management system (CMS) associated with the National Oil Corporation of Kenya's official website. The attackers compromised the backend of this system and extracted two primary tables containing organizational data. The first table exposed credentials and administrative details for five CMS users, including usernames, email addresses, and their respective ranks within the corporation. The second table contained identical categories of information for 218 National Oil Corporation employees, though the specific sensitivity of these records was not characterized as critical. WHT substantiated their breach by publishing a screenshot of the compromised CMS interface alongside the data dump, though the exact intrusion method remained unspecified in available reports.

This incident formed part of the second phase of Anonymous' #OpAfrica campaign, which explicitly targeted Kenyan institutions alongside seven other African nations. The leak followed a previous operation where Anonymous released 1TB of documents from Kenya's Ministry of Foreign Affairs, establishing a pattern of regional cyber operations. While the National Oil Corporation breach did not involve highly sensitive data like financial records or national infrastructure details, security analysts noted the exposure created risks of increased spam targeting affected employees. No statements from the National Oil Corporation regarding incident response, containment measures, or forensic investigations were documented in the primary source material. The operation demonstrated the persistence of #OpAfrica's activities across multiple African jurisdictions with limited technical sophistication relative to historical Anonymous breaches.