Kenya Revenue Authority Grapples with Tragedy and Social Media Hack
NAIROBI, Kenya – The Kenya Revenue Authority (KRA) faced a tumultuous 48 hours, bookended by a public tragedy at one of its offices and the hacking of its primary customer service account on the social media platform X.
The series of events began on the morning of Thursday, October 30, 2025, when a middle-aged contractor, identified as Hannington Juma Raburu, died by suicide after jumping from the second floor of the KRA’s Lake Basin Mall offices in Kisumu. Preliminary reports suggest the incident was linked to a KES 300 million tax demand from the authority.
In an official press statement dated the same day, the KRA confirmed the “unfortunate incident” and expressed its deep regret, conveying “heartfelt condolences to the family and friends of the deceased.” The authority stated it is fully cooperating with law enforcement agencies who have launched an investigation into the circumstances surrounding the death. The incident has sparked public criticism and calls for more empathetic tax enforcement practices.
Hours later, on Friday, October 31, the KRA’s customer care X account, @KRACare, with over 339,000 followers, was compromised by hackers. The account was renamed “StandsX” (also identified in reports as “@Standx_Officiel”) and began posting fraudulent messages.
The KRA swiftly issued a warning on its corporate X account, @KRACorporate, urging the public not to engage with the hacked profile.
“The official @KRACare X (formerly Twitter) account has been hacked and its handle changed to ‘StandsX’,” the statement read. “Members of the public are strongly warned not to engage, share personal information, or send money to any messages or posts from this account, as they are fraudulent.”
The authority assured the public that it had launched urgent efforts in collaboration with X’s management to retrieve and secure the account. It directed citizens to alternative official channels, including its Facebook page and WhatsApp number (0711099999), for updates and assistance.
A check of the hacked account showed its last legitimate post was made on October 30, encouraging Kenyans to report unethical practices through the KRA’s whistleblower portal.
This security breach places KRA on a growing list of Kenyan government institutions, including the Directorate of Criminal Investigations (DCI) and the Kenya Broadcasting Corporation (KBC), that have had their social media accounts compromised in recent months. The back-to-back crises present a significant public relations and operational challenge for the tax agency as it manages the fallout from both a human tragedy and a cybersecurity incident.
About The Author
