Websites hosted on Safaricom server defaced, Safaricom responds

Safaricom hosted websites hack

Hapa Kenya earlier today reported of a “hacking” that happened earlier today where several websites were defaced and a message from a Tunisian guy placed on the homepages of the said sites. As of now, the webmasters have since taken measures to correct this mishap. All of these websites are developed from CMSes, Joomla and WordPress, hence making it easy for the hacker to serialize the hack as soon as they compromised the first. Usually, such kind of exploits happen when a hacker discovers a loophole in one site and injects a code to replace the index file on the homepage. The loopholes hence come by as a result of out of date software where security is weak and a patch hasn’t been fixed. Once the hacker gains access they are able to access all the index files on other folders within the server.

Safaricom which hosts these sites has issued a statement saying that this is a case of laxity in terms of the developers. Below is the message from Nzioka Waita, Director, Corporate Affairs at Safaricom:

We have detected and informed some of our customers that their websites hosted on Safaricom’s infrastructure have been compromised as a result of weak security controls on their ( the website owners) individual websites. It is the website owners responsibility to develop, manage and secure the content on their websites as Safaricom’s role is merely one of hosting.


Safaricom’s hosts thousands of websites and adopts leading practices when providing domain hosting infrastructure to our customers and would like to reiterate that our platform remains robust and secure.


To avoid isolated cases of website hacking by third parties we routinely recommend to our customers the following tips;


  • Use the latest secure versions of software on your sites
  • Keep regular back-ups of their websites
  • Enforce the use of strong passwords and secure configurations
  • Perform regular security tests of your websites