Last year, this publication reported that the National Social Security Fund (NSSF) had faced cyberattacks on its core systems. This was after a threat actor using the handle ‘Devman’ publicly claimed on X (Twitter) to have compromised NSSF systems.
At the time, NSSF publicly denied the claims, stating, “The core system, which stores member data and financial transactions, remains secure and safe.”
NSSF’s latest audited report now offers a formal, explicit disclosure that cyberattacks had material operational consequences during FY 2024/2025.
“The lower-than-budget performance [on benefits payments] is attributable to low system challenges occasioned by cyberattacks, which took time to resolve, leading to backlogs crossing to the next financial year,” reads part of the report.
While the report omits specific timelines for the breaches, it confirms that system outages disrupted member benefit disbursements. This led to a 20% shortfall in payouts, with only KES 8.73 billion distributed against a projected KES 10.96 billion.
This means KES 2.23 billion in projected benefits was not paid out to pensioners.
Compared to the previous financial year, the 2024/2025 financial year recorded a KES 997 million reduction in member benefits. This dip is also primarily attributed to service disruptions following cyberattacks.
NSSF Cybersecurity Solutions Unimplemented
As of June 2025, the end of the period covered by the report, cybersecurity solutions were still being implemented, meaning the NSSF’s defenses were not yet complete at the time of the alleged May 2025 breach.
A KES 137.32 million data recovery center was still under construction. This confirms that the NSSF’s disaster recovery infrastructure was incomplete and unable to provide the necessary redundancy during the cyberattack.
Crucially, the KES 170 million upgrade to the NSSF Member Self-Service Portal (SAP/SSPAS) remained completely unexecuted as a result of procurement delays. This failure to modernize brings the stability and reliability of the Fund’s core ERP system into question.
| ICT Asset Under Construction | Value (KES) |
| --- | --- |
| Electronic Document Management System (EDMS) | 197,811,405 |
| Data Recovery Centre | 137,322,017 |
| SS House CCTV | 150,671,728 |
| SD-WAN (Software Defined WAN) | 59,781,200 |
| Bank Reconciliation Module | 62,050,000 |
For data integrity, NSSF is in the process of cleaning member databases to ensure correct ledgers and obligations.


























