The Kenya Revenue Authority (KRA) has successfully regained control of its official customer-care account on X (formerly Twitter), after it was hacked and changed to “StandsX.”
In an official post shared via its verified corporate handle, @KRACorporate, the tax authority acknowledged the breach and assured Kenyans that it has already launched recovery efforts in collaboration with X’s technical team.
“Members of the public are strongly warned not to engage, share personal information, or send money to any messages or posts from this account, as they are fraudulent,” the statement read in part.
Account Recovery Complete
KRA confirmed that the hacked @KRACare account, which has a following of over 300,000 users, is now back in its original state and that all normal operations have resumed. The agency thanked the public for their patience during the disruption.
While the account is restored, the agency continues to warn the public to remain vigilant. KRA flagged that shortly after the hack, a fake imposter account emerged claiming to offer support. The authority urged users to avoid the impostor and to block or report suspicious handles.
Experts say this incident falls in line with a broader uptick in social-media-based attacks against public institutions worldwide, where verified handles are hijacked to spread scams or phishing links.
The hack comes amid an increase in cyberattacks targeting verified government and corporate social media accounts, raising questions about security measures and access control on major platforms.
