Category: Sci & Tech

A disturbing claim emerging from the murky corners of the internet has sparked fresh concerns over the safety of personal data belonging to millions of Kenyans.

Cybersecurity monitors tracking criminal activity on dark web forums say a hacker using the alias “MrDarkRoot” is advertising what is claimed to be one of the largest collections of Kenyan citizen data ever assembled. The seller alleges the database contains personal information belonging to approximately 10 million people.

If the claims are true, the implications could be staggering.

According to screenshots and reports circulating among cyber intelligence communities, the alleged dataset contains an extraordinary range of sensitive information. The seller claims to possess full names, dates and places of birth, national identity card numbers, passport details, residential addresses, telephone numbers, email addresses, tax information, banking records, vehicle ownership records, property details, medical histories, vaccination records, educational backgrounds, criminal records, business registration information and passport-style photographs.

For any cybercriminal, such information would be a goldmine.

Yet there is an important caveat. No independent cybersecurity firm, government agency or regulator has publicly verified the authenticity of the alleged database. Experts familiar with dark web marketplaces caution that cybercriminals often exaggerate the size and value of stolen datasets to attract buyers and build credibility.

Even so, the allegations have landed at a particularly sensitive moment for Kenya, which has experienced a growing number of data security incidents in recent years.

The country has spent billions of shillings digitising public services and moving government records online. Platforms such as eCitizen have become central to everyday life, handling everything from passport applications and business registrations to driving licences and tax services. While digital transformation has improved efficiency, it has also concentrated enormous volumes of personal information in interconnected systems that are increasingly attractive to hackers.

The latest claims follow a series of high-profile breaches and suspected cyber intrusions that have raised uncomfortable questions about how securely Kenyan institutions are protecting sensitive data.

One of the most significant incidents emerged in late 2025 when reports surfaced that hackers had gained access to data linked to millions of users of the M-Tiba healthcare platform. The alleged breach involved highly sensitive medical information and prompted investigations by the Office of the Data Protection Commissioner.

Earlier, the Business Registration Service was forced to investigate reports that company records and shareholder information had been compromised and later appeared on underground marketplaces. The incident drew particular attention because some of the exposed records were linked to influential political and business figures.

Cybersecurity analysts say the alleged MrDarkRoot database is especially alarming because of its breadth. Unlike many breaches that target a single institution, the advertised information appears to span multiple aspects of a person’s life. If genuine, it would provide criminals with a detailed profile of individuals, making it easier to commit identity theft, financial fraud, impersonation scams and other forms of cybercrime.

The danger is not limited to stolen money.

With access to personal records, criminals can open fraudulent accounts, apply for loans using stolen identities, target victims with convincing scams or even use sensitive information for extortion and blackmail. Medical records, financial information and family details are among the most valuable forms of data traded in underground criminal markets.

For now, Kenyan authorities have not issued any public statement confirming the existence of the alleged 10 million-record database. The Office of the Data Protection Commissioner has also not announced any investigation specifically linked to the claims.

That has done little to calm anxieties among cybersecurity experts, many of whom note that major breaches often first surface on dark web forums long before affected organisations acknowledge them publicly.

The claims may ultimately prove false, exaggerated or based on recycled data from older breaches. But even if that turns out to be the case, the episode serves as another stark reminder of the growing cyber threats facing Kenya as more personal information moves online.

For millions of Kenyans, the possibility that such an enormous volume of personal data could be circulating among cybercriminals is unsettling enough. Whether MrDarkRoot is bluffing or sitting on a genuine treasure trove of stolen records, the incident has once again exposed a difficult reality. In Kenya’s digital age, personal information has become one of the most valuable and vulnerable assets a citizen possesses.

Meta is doubling down on its subscription offerings. On Wednesday, the social networking giant announced it’s now rolling out its consumer subscription plans globally for its flagship apps, Instagram, Facebook, and WhatsApp, and beginning tests of new subscriptions for businesses, creators, and Meta AI users.

For a few dollars per month, consumers subscribing to Instagram Plus ($3.99/mo), Facebook Plus ($3.99/mo), or WhatsApp Plus ($2.99/mo) will gain access to extra features, like profile customization, super reactions, and story insights, among other things.

In an announcement, Meta’s head of product Naomi Gleit noted that “more fun features” will be added in the future.

Meanwhile, Meta will begin testing other offerings, including professional plans for creators and businesses, and AI-focused plans for all users. These new tests will be branded as “Meta One,” which will serve as the company’s home for its subscription offerings going forward.

Meta confirmed it was planning a subscription offering earlier this year, with its initial tests rolling out in the spring. The idea behind the plans aimed at consumers is to provide additional features for power users who want more from their social apps. It also allows Meta to diversify its revenue streams beyond advertising by extracting more value from its existing audience of billions, given the limited growth opportunities for these apps, which have already achieved global saturation.

The new “Plus” plans are tailored to each individual app, with Facebook Plus and Instagram Plus focused more on social expression, while WhatsApp Plus focuses on personalization and messaging.

However, the company tells us the new plans don’t replace its existing offering, Meta Verified, which is focused on verification, impersonation protection, and extra support. (This could change in time, but for now, Meta is not winding down the older plans.)

For starters, the new Instagram Plus plan gives subscribers access to extra features, like the ability to see how many people have rewatched your Story in aggregate, as well as the ability to create unlimited audience lists for Stories, beyond the “Close Friends” option.

Users will also be able to spotlight a story once a week for additional views, extend a story beyond 24 hours, preview a story without showing up as a viewer, search their story viewer list to see who is watching, and more.

Users will also be able to post straight to their profile and highlight without showing up on their followers’ feeds.

There are also other features like Super Heart animated reactions for Stories, custom app icons, customizable fonts for profile bios, and access to additional pins for your profile.

These features are designed to better serve creators and those looking to grow their following and understand their audience, but could also appeal to heavy users.

Facebook Plus offers a similar set of features to Instagram Plus. WhatsApp Plus, however, offers other features, like app themes, custom ringtones, additional pinned chats, list customization, premium stickers, and more.

AI plans and more, including those for creators and businesses

Alongside the launch, Meta says it will begin testing even more subscription plans, which is where things start to get confusing.

For Meta AI users, it will test two plans — Meta One Plus ($7.99/mo) and Meta One Premium ($19.99/mo) with the same features, but the Premium plan unlocks more capacity on higher compute queries. That means the Premium plan would offer deeper reasoning for complex tasks (i.e., more of “thinking mode” in the Meta AI app or on the web). It would also offer move video and image generation capabilities across Meta’s apps.

Meta AI will remain free for more casual users, but these plans follow the same path as those put forth by other AI model providers that charge for additional compute and heavier usage. The plans will later expand in the weeks to come with more benefits for those who use AI glasses, Meta says.

The AI plans will start testing next month, initially in Singapore, Guatemala, and Bolivia.

Two other plans for creators and businesses will begin tests later this week, in markets including Saudi Arabia, Morocco, Thailand, and Bangladesh.

The Meta One Essential plan ($14.99/mo) will offer the Verified badge, impersonation protection, and an enhanced linksheet where users can link out to their online presence across social channels and the web, similar to Meta Verified.

The more expensive Meta One Advanced plan ($49.99/mo) will include the Essential plan benefits, as well as the ability to be featured in the Facebook feed, appear higher in Facebook and Instagram search results, gain attention with a bold “Follow” button on Reels, and automatically send “follow” invitations to people who engage with your content.

It can also help creators and businesses drive people to their website or shop through links in Instagram posts, Instagram Reels, and through enhanced Facebook and Instagram profiles with their expanded linksheets. These plans, not surprisingly, include better analytics, including deeper, competitive insights on Instagram, and custom audience insights on Facebook.

Advanced plan subscribers will have access to optimized scheduling tools, tools to share access with other account moderators (without sharing a password), and notifications that alert you when others on Facebook or Instagram reuse your content so you can request a label crediting your original reel.

Gleit acknowledged that Meta is still experimenting with these AI and professional plans for the time being, but aims to bring them all together under Meta One, where they will then continue to be updated and expanded over time.

–TechCrunch

NAIROBI, Kenya Mar 9 – The Country is pushing for stronger regulation and oversight of TikTok as the government moves to safeguard the digital space ahead of the next electoral cycle, Information, Communications and the Digital Economy Cabinet Secretary William Kabogo has said.

Kabogo said the government is engaging the global social media platform to strengthen content moderation, improve age-verification mechanisms and enhance tools to detect misinformation that could undermine election integrity.

The Cabinet Secretary spoke after holding talks with TikTok executives ahead of the TikTok Safer Internet Summit 2026 scheduled to take place in Nairobi.

During the meeting, Kabogo emphasised that while Kenya welcomes innovation and the growth of digital platforms, technology companies must take greater responsibility for the safety of their users.

“With over 17M users in Kenya, TikTok is a key pillar of our Creative Economy. I emphasized that while we welcome innovation, digital safety is a shared responsibility. We are strengthening content moderation and age-verification to protect our children and vulnerable groups,”he said.

However, the CS warned that the rapid growth of social media also presents risks, particularly during politically sensitive periods such as elections.

Kabogo said the government had sought assurances from TikTok on the effectiveness of its systems to detect and curb coordinated disinformation campaigns, warning that unchecked misinformation could threaten democratic processes.

“I sought clear assurances on TikTok’s tools to detect misinformation and prevent coordinated disinformation campaigns. It is vital that global platforms align with Kenya’s Data Protection Act and our evolving regulatory frameworks,”CS Kabogo noted.

He stressed that global platforms operating in Kenya must comply with the country’s legal and regulatory framework, including the Data Protection Act, as authorities continue to refine digital governance policies.

The government is also pushing the company to expand its operational footprint in the country to better support its activities across Africa.

Kabogo challenged the platform to invest more resources in moderating content in local languages, noting that many harmful or misleading posts often evade detection because automated systems are primarily designed for major international languages.

The CS said deeper collaboration between the government and technology companies will be key to building a digital ecosystem that balances innovation, economic opportunity and public safety.

The ICT Cabinet Secretary emphasized that the country is positioning itself as a regional leader in digital transformation and is keen to ensure that the growth of its online platforms is anchored in trust, accountability and responsible use of technology.

“ I’ve challenged TikTok to establish a stronger operational presence in Kenya to support African operations and invest in moderation for local languages. Together, we are building a digital future anchored in innovation, trust, and safety,”CS Kabogo expressed.

AMSTERDAM, March 9 (Reuters) – Russian-backed hackers have launched ​a global cyber campaign to gain access to Signal and WhatsApp accounts used ‌by officials, military personnel and journalists, two intelligence agencies in the Netherlands warned on Monday.

Users are persuaded in chats initiated by the hackers to divulge security verification and pin codes, giving them ​access to personal accounts and group chats, they said in a statement.

“The Russian ​hackers have likely gained access to sensitive information,” the General Dutch ⁠Intelligence Agency (AIVD) and Dutch Military Intelligence and Security Service (MIVD) said.

“Targets and victims of the ​campaign include Dutch government employees” and journalists, the agencies said.

The chat apps offering end-to-end encryption ​are popular with government officials for sharing confidential or classified information, making them “the ideal place for malicious actors to try to capture sensitive information,” they said.

WhatsApp, in a reaction sent to Reuters, said ​users should never share their six-digit code with others and that it continued to ​build ways to protect people from online threats.

Signal said on social media that the targeted attacks ‌were “executed via ⁠sophisticated phishing campaigns, designed to trick users into sharing information” and that its encryption and infrastructure had not been compromised.

USERS PERSUADED TO DIVULGE SECURITY CODES

The hackers most frequently masquerade as a Signal Support chatbot to induce targets to divulge the codes, enabling them ​to take control of ​the accounts, the ⁠statement said.

Another method is to use the ‘linked devices’ function within Signal, it said.

Contacts appearing twice in a user’s contact list, or ​numbers showing up as ‘deleted account’ could indicate that an account has ​been compromised, ⁠the agencies said.

Dutch authorities issued a cyber advisory notifying government colleagues of the vulnerability and providing assistance to eliminate the threat, a spokesman said, citing the joint operation with the ⁠AIVD ​general intelligence service.

“Despite their end-to-end encryption option, messaging apps ​such as Signal and WhatsApp should not be used as channels for classified, confidential or sensitive information,” said ​MIVD director, Vice-Admiral Peter Reesink.

Beijing’s tech firms exploit crippling unemployment crisis to power artificial intelligence ambitions through opaque networks paying workers less than $6 a day

It is three o’clock in the morning in Nairobi. Ken sits hunched over his laptop in the darkness, eyes flickering between his phone and computer screen.

He has been working for nine hours straight, watching the same 10-second video clips on repeat, trying to determine whether beach waves are crashing in slow motion or a woman is stretching into yoga poses at normal speed.

His WhatsApp buzzes.

A teammate has already labelled 2,200 video clips that day. She is exhausted. Ken still has hundreds more to go before he can sleep. Tomorrow, he will wake up and do it all again. For this gruelling work, which can stretch to 12 hours a day, seven days a week, he earns 700 Kenyan shillings. Roughly $5.42.

Ken is one of thousands of young Kenyans quietly powering China’s artificial intelligence revolution from makeshift digital sweatshops operating entirely through WhatsApp groups and shadowy middlemen.

While American tech giants like Meta and OpenAI have faced mounting scrutiny over their exploitation of African data workers, Chinese AI companies have slipped into Kenya through the back door, building an empire on even more precarious terms with virtually no accountability.

The arrangement represents what labour rights activists are calling a new form of digital colonialism.

Unlike their Western counterparts, Chinese firms operate through deliberately opaque supply chains that make it nearly impossible to trace which companies are benefiting from the labour or hold anyone accountable when workers are exploited.

An Invisible Workforce

None of the 10 Kenyan data annotators interviewed for this story knew the names of the Chinese companies behind the projects they worked on.

They knew only their immediate supervisors and the anonymous portals where they submitted their work, platforms like Vranno.ai that open to nothing more than a login page with no publicly available information about ownership or operations.

Workers are recruited through a simple Google Form, managed entirely through WhatsApp groups of up to 30 members, and paid through the local mobile money service M-Pesa.

There are no formal contracts, no human resources departments, no office buildings. Just a phone number, a group chat, and the constant pressure to label faster, work longer, maintain perfect accuracy or face being cut from the project entirely.

“We just get on the platform where some Chinese managers organize the work,” said David, a university student who has been doing this work for three months and asked to use a pseudonym to protect his income. “We have no idea what they are doing with this annotation work.”

This opacity is by design, according to experts tracking the global AI supply chain.

Chinese AI firms have become among the world’s largest buyers of human-labelled data, but unlike increasingly scrutinized American operations, they work through layers of subcontractors that obscure the trail.

“What distinguishes their expansion is not just scale, but opacity,” said Payal Arora, professor of inclusive AI culture at Utrecht University in the Netherlands. The lack of transparency means far less is known about labour conditions, wage structures or worker protections than with Western firms.

Chinese AI companies contacted for this story did not respond to requests for comment about their operations in Kenya.

Digital Factory Floors

The WhatsApp groups function like digital assembly lines. Every morning, administrators post production targets and daily rankings comparing each worker’s output and accuracy.

Multiple times per week, supervisors hold video calls to review performance reports, flag errors, and push teams to work faster. When one worker falls behind, others are ordered to pick up the slack.

The pressure is relentless.

Teams typically go through a trial period where they must collectively label 20,000 video clips per day with at least 90 percent accuracy.

A single person falling below standards can get the entire team fired.

After passing this simulation phase, individuals are expected to annotate up to 26,000 videos daily, work that can take 12 hours for beginners.

Experienced annotators like Ken have learned to split their screens, using both phone and computer simultaneously, recognizing patterns to speed through the mind-numbing work. “You get into the zone and zone out. You become a zombie,” he said. “If I stop, I lag. If I think, I fail.”

Payment requires maintaining at least 85 percent accuracy.

There is no room for error, no tolerance for the fatigue that inevitably sets in after hours of staring at screens.

Fertile Ground for Exploitation

Chinese firms have found extraordinarily fertile ground in Kenya.

Youth unemployment in the country has reached a staggering 67 percent, according to the Federation of Kenya Employers.

More than one million young people enter the labour market annually, many with university degrees but no prospects. In this environment, even exploitative work becomes attractive.

“Kenya hits all the top spots for global outsourcing,” said Shikoh Gitau, founder of Nairobi-based IT provider Qhala.

“Language, literacy, power stability, and a tech-savvy population familiar with Western culture. Our time zone works magic. We can work with the West Coast of the US and the east coast of Asia without much adjustment.”

But Kenya’s advantages for tech companies translate directly into vulnerabilities for workers.

The country’s current labour laws, designed for traditional employment, offer no protections for digital gig workers.

Meanwhile, the government has been slow to formulate regulations, missing its own July deadline to finalize a framework that would establish who bears responsibility for these workers, the platforms or the companies contracting them.

“A lot of work is going on around firmly identifying who should be held accountable as the employers of these workers,” said Florence Kimata, a member of Kenya’s National Innovation Technical Committee. That work remains unfinished.

The China Model

The exploitation of Kenyan workers mirrors practices Chinese AI companies have perfected at home. A 2023 investigation found that Chinese firms employed vast armies of low-wage data annotators recruited from vocational schools or funnelled through labelling centres in impoverished provinces like Gansu, Guizhou, and Henan to keep costs down and scale quickly.

Now they have exported that model abroad, but with even less oversight.

The business model relies on what Joan Kinyua, president of the Data Labelers Association, a Nairobi-based workers’ union, calls “distance and deniability.”

“It is capitalism and the height of digital colonialism,” Kinyua said. “Oftentimes, supervisors do not even mention who you are working for, but you would be able to tell from the faces in the content.”

One Kenyan supervisor who ran a team of 30 workers was blunt about the economic calculation.

“The bigger the project, the more people we hire and the lower the rates we offer,” the supervisor said. “We cannot have people full-time with employment benefits, so we set that expectation.”

Projects typically last only two weeks, ensuring workers never gain enough stability to organize or demand better conditions.

When projects end, workers are cut loose without notice, left to scramble for the next opportunity.

Old Economics, New Technology

The AI industry may present itself as futuristic, but it runs on profoundly old-world economics.

Behind every sleek chatbot and autonomous vehicle are armies of poorly paid workers doing psychologically draining tasks for a few dollars a day.

“Models look automated, but behind the scenes, they are propped up by armies of low-paid workers,” Arora said.

“Companies rely on cheap annotation not because it is optional, but because the current AI business model depends on absorbing massive training costs while still competing on speed. Cheap labour is the silent subsidy keeping the AI boom afloat.”

The global data annotation market, currently valued at $2.56 billion, is expected to grow at 18 percent annually to exceed $13 billion by 2034.

That growth will be built on the backs of workers like Ken and David, labouring in the shadows while tech giants reap billions.

“They are all here simply because of cheap labour,” Kinyua said.

“Companies know Kenyans will give them quality work done at very minimal or zero cost. At times, these workers do not get paid because they do not have a direct link with the organization they have been working for.”

Without contracts, workers have no recourse when payment is delayed or never arrives. It becomes their word against a faceless platform that can simply disappear, as American company Scale AI’s Remotasks platform did in Kenya in March 2024, abandoning thousands of workers with just hours’ notice.

A Race to the Bottom

The Chinese entry into Kenya’s data labelling market threatens to accelerate a race to the bottom that has already devastated workers across the Global South.

Venezuela, devastated by economic collapse, saw data labelling wages plummet to as low as 90 cents per hour as desperate workers flooded platforms. When conditions improved slightly, companies simply moved operations to countries with cheaper labour.

The pattern is repeating in Kenya and across East Africa, Southeast Asia, and the Middle East.

Companies shift from market to market, always seeking the most vulnerable populations willing to work for the least money.

The lack of local infrastructure requirements makes it trivially easy. A WhatsApp group can be created in minutes. When workers start demanding better conditions, the operation moves to the next country overnight.

Kenya’s position in this exploitative system is particularly precarious.

The country has invested heavily in positioning itself as Africa’s tech hub, branding itself “Silicon Savannah.”

But without strong labour protections or transparency requirements, that brand serves primarily to attract companies looking for educated workers they can pay poverty wages.

Activists warn that without urgent action, Kenya and other African countries risk becoming permanent sites of extraction in the global AI economy, providing the raw labour that powers technologies they will never afford to develop themselves, let alone benefit from.

“AI may feel futuristic, but it is built on profoundly old-world economics,” Arora said. “Without fair labour practices, the future of AI will be fast, but fundamentally unjust.”

At three o’clock in the morning, Ken is still labelling videos. The sun will rise in a few hours. He will sleep briefly, then wake up and begin again. The Chinese AI companies whose models he is training will never know his name. He will never know theirs. That is precisely how the system is designed to work.

Additional reporting by Rest of World 

In a bold move aimed at boosting transparency on his social media platform, Elon Musk’s X (formerly Twitter) rolled out a new “About This Account” feature on Monday, revealing the country of origin for user profiles and unmasking a web of foreign-operated accounts posing as local voices in global conversations.

This update, which also displays username change history and app download details, has sparked immediate chaos, exposing troll networks influencing politics from the U.S. to Kenya.

The feature went live early Monday, allowing users worldwide to peek behind the curtain of influential accounts.

In the U.S., it quickly revealed that many prominent “Make America Great Again” (MAGA) profiles—loud proponents of conservative politics—aren’t American at all.

For instance, the account MAGANationX, boasting nearly 400,000 followers and relentless posts about “saving America,” was shown to originate from Eastern Europe.

Similarly, IvankaNews, a million-follower page dedicated to Ivanka Trump, traces its roots to Nigeria. 7 Pro-Kremlin channels like Vladimir Putin News appear to operate from South Asia, while supposed Gaza “eyewitnesses” post from Indonesia, Pakistan, Poland, or Saudi Arabia.

Closer to home in Kenya, the revelations hit even harder, highlighting the country’s unexpected role in global online influence.

Users discovered that The Anfield Talk—a popular Liverpool FC fan page with over 483,000 followers, long presenting itself as UK-based with Merseyside affiliations—was actually created and run from Kenya.

Another account claiming Native American heritage also originated in Kenya.

These findings amused local fans, underscoring Kenyans’ outsized impact on international digital spaces, but they also raised alarms about coordinated propaganda.

The rollout comes amid growing concerns over state-backed disinformation.

A recent Amnesty International report accused the Kenyan government of orchestrating online campaigns to silence Gen Z protesters during demonstrations from June 2024 to July 2025.

These efforts allegedly involved “technology-facilitated violence” on platforms like X, TikTok, and Instagram, flooding feeds with trolls, smears, threats, and misinformation targeting young activists.

However, the feature’s transparency push was short-lived.

By late Monday, X appeared to pause or remove the country-of-origin labels for many users, sparking speculation about privacy backlash or unintended exposures.

X officials claimed the data could be skewed by VPN usage, but critics argue the brief glimpse revealed too much about global troll armies, including those in Eastern Europe, Nigeria, India, and Russia.

This isn’t X’s first foray into profile labeling; the platform recently introduced tags for parody accounts to combat misinformation.

Yet, the rapid reversal on country origins highlights the tension between Musk’s free-speech ethos and user privacy.

As one viral post noted, the feature effectively shared “assassination coordinates” for non-government accounts, echoing Musk’s own past criticisms of location data.

While the full impact remains unclear, this episode underscores how social media giants like X can reshape political discourse overnight.

For Kenya, it spotlights both the ingenuity of local digital operators and the risks of foreign meddling in domestic affairs. As users continue to dig, expect more unmaskings—and perhaps more features quietly rolled back.