No Audit Trails, Expired Licences, and ‘God Mode’: How the Government’s HR System Collapsed
Kenya’s payroll system failed due to 720 "superusers" altering 4.7 million records without audit trails, amidst expired software licences...
✨ Key Highlights
A recent audit of the Kenyan Government Human Resource Information System-Kenya (HRIS-K) has uncovered severe security vulnerabilities, leading to widespread financial fraud and the alteration of millions of payroll records without a trace. The system, designed to manage the public sector workforce, lacked fundamental safety mechanisms, allowing for massive irregularities.
- 720 system editors possessed "God Mode" access, enabling them to alter payroll records and even their own without oversight.
- 4.7 million payroll records were altered "without audit trails," making forensic analysis of who made the changes "technically impossible."
- The system ran on expired ICT licences and lacked basic cybersecurity safeguards, compromising its integrity.
Continue Reading
Read the complete article from Techish Kenya
Part of the Day's Coverage
Kenyan Govt System Fraud Exposed as CA Flags Unsafe Phones & Airtel Combats Scams - February 2026
A recent audit of the Kenyan Government Human Resource Information System-Kenya (HRIS-K) has uncovered severe security vulnerabilities, leading to widespread financial fraud and the alteration of millions of payroll records without a trace. The system was found to lack fundamental safety mechanisms. Separately, the Communications Authority of Kenya (CA) has issued a public warning against 21 mobile phone brands deemed "non-type approved," citing significant safety and health risks. In another action to address digital security, Airtel has launched an AI-powered Fraud Alert system in India to combat real-time One-Time Password (OTP) scams. This system is designed to stop digital theft that occurs through social engineering.
