-
A threat actor known as “MrDarkRoot” claims to possess personal records belonging to nearly 10 million Kenyan citizens.
-
The advertised dataset allegedly contains national IDs, passport information, banking details, medical records, and other sensitive data.
-
Authorities and independent cybersecurity researchers have not yet verified the authenticity of the alleged database.
A cybercriminal operating under the alias “MrDarkRoot” has reportedly listed what could be one of the largest collections of Kenyan citizen data ever offered on the dark web.
The threat actor claims the database contains personal information linked to approximately 10 million people. If authentic, the dataset would expose an extensive range of sensitive records covering multiple aspects of citizens’ lives.
Hacker Advertises Massive Kenyan Citizen Database
According to details shared in the advertisement, the alleged database includes full names, dates and places of birth, national identification numbers, passport information, home addresses, phone numbers, and email addresses.
The seller also claims the collection contains tax records, banking information, vehicle ownership data, property details, educational backgrounds, business registration records, criminal history information, vaccination records, medical data, and passport-style photographs.
Dark web activities range from data sales to drug purchases. A UK offender avoided jail despite multiple violations including dark web access, showing the varied nature of dark web-related crimes.
Security experts caution that such claims should be treated carefully until independent verification takes place. Cybercriminals frequently exaggerate the size, quality, or significance of stolen datasets to attract buyers and gain credibility within underground marketplaces.
At the time of reporting, no cybersecurity company, government agency, or regulator has publicly confirmed that the advertised records are genuine.
Previous Breaches Raise Fresh Concerns
The latest claims arrive as Kenya continues to face growing cybersecurity challenges.
Several major incidents have already raised concerns about the security of sensitive personal information stored across public and private platforms. In late 2025, reports emerged that attackers had gained access to data associated with millions of users of the M-Tiba healthcare platform.
Authorities also investigated claims that records connected to the Business Registration Service appeared on underground forums and dark web marketplaces.
Unlike many breaches that affect a single company or institution, the newly advertised dataset allegedly combines information from multiple areas of a person’s life. Security professionals warn that this type of consolidated data can significantly increase the risk of identity theft and financial fraud.
Criminals can use such information to create highly convincing phishing campaigns, impersonate legitimate organizations, bypass identity verification checks, or conduct targeted social engineering attacks.
The inclusion of financial, medical, and personal records could also create opportunities for extortion attempts and blackmail schemes.
Authorities Yet to Confirm Claims
The allegations regarding the Cambodian government manipulating a database of all citizens are unárúná in the public domain yet. There has not been any public announcement from either the Data Protection Commissioner or Cambodian authorities regarding an investigation into these claims made by the perpetrator of the threat.
While cybersecurity experts are still determining the legitimacy of the data, the incident raises clear concerns about data security as society continues its shift toward digital services.
Many services offered by the Cambodian government, including eCitizen and other digital services, are continuously processing vast amounts of sensitive data. With the advent of digital services many organizations are under increasing pressure to enhance their security measures and protect the personal data of their citizens from exposure.
Regardless if the data is inaccurate or overblown, experts comment that this incident continues to caution us of the risks inherent in the large-scale collection of personal data in centralized digital formats.
Until these agencies complete their inquiries into the alleged breaches, the public should remain vigilant for potentially compromised emails, unsolicited phone calls, and requests for sensitive information.
Authorities advise citizens to use multi-factor authentication wherever possible and to monitor their bank accounts for unusual activity during this period of uncertainty regarding these allegations.
