Ruto, Kenyatta families business interests exposed by data breach

Former president Uhuru Kenyatta (center) with his cousin Ngengi Muigai and Senator Beth Mugo after addressing mourners at the burial of his cousin Kibathi Muigai at Ichaweri, Gatundu South. in Kiambu county Mr Muigai, the brother Senator Beth Mugo, is a former rally driver and participated in the safari rally in the 1970s. In his address the former President urged Kenyan Gen Zs to fight for the country and their rights and continue to speak up and hold those in power to account on January 17, 2025. [John Muchucha, Standard]

A massive data breach at Kenya’s Business Registration Service (BRS) has revealed the business holdings of some of the country’s most powerful figures—including President William Ruto, the Kenyatta family, and several other prominent investors.

For years, much of this information remained out of the public eye, but now it’s all been revealed. The breach is raising concerns about the security of private data and the potential risks to personal and national financial security.

At the center of the revealed data are Rachel Ruto, Kenya’s First Lady, and her son, whose names have been linked to dozens of companies.

The First Lady’s name is Chebet Rael Kimeto. A search showed that the Ruto family has investments spanning multiple sectors, with Rachel’s daughter reportedly owning one of the country’s most expensive Airbnb properties. While the Rutos have long been associated with wealth, these details provide a glimpse into their far-reaching business interests.

Uhuru runs the Uhuru Kenyatta foundation, and Uhuru Kenyatta Institute Limited. However, their was another company Uhuru Kenyatta Security and cleaning services registered in South Africa, which we could not verify if it is owned by the former president since most of the details were missing. A search did also not associate the company with others belonging to the Kenyatta family.

The former President’s brother, Muhoho Kenyatta, holds numerous directorial and shareholder positions in 50 companies and organizations.

Chebet Rael Kimeto is a director and shareholder in several businesses across various sectors. She holds leadership roles at Destiny Women Microfinance Bank Limited, Joyful Housing Union Ltd, Talya Company Limited, and Urban Groove Apartments Limited. Kimeto is also involved in the fisheries industry with companies like Lake Jipe Fisheries Ltd, Kisima Fisheries Ltd, and Taveta Fisheries Ltd. Additionally, she has stakes in Black Beauty Company Limited, Koilel Farm Limited, Matiny Limited, Weston Hotel Limited and Bluesand Holdings Limited.

Keep Reading

Among the companies owned by George Kimutai Ruto, President Ruto’s son, are Golf Charlie Investments Limited (beneficial owner), Nerami LLP (partner), Golf Charlie Investment Limited (director/shareholder), TBT The Biashara Team Limited (director/shareholder), X Fold Limited (director/shareholder), and Seil Investment Limited (director/shareholder).

The Moja Expressway company, which was registered five years ago on May 24, 2020. It is owned by Mountain Hill Global Investment Company Limited, Tang Jinsong, and Zhao Yang, with Jophece Obonyo Yogo as the secretary. Mountain Hill Global Investment Company Limited is based in the United Arab Emirates.

The breach, which appears to have compromised a significant amount of data, exposed information about companies, shareholders, and beneficial owners. The authorities are now scrambling to contain the damage and investigate the incident. A spot check conducted by The Standard established that confidential company information could be accessed with just a click of a button. This ease of access has alarmed industry experts and the public alike, highlighting vulnerabilities in the nation’s data protection mechanisms.

Users reportedly gained access to personal details about shareholders and beneficial owners of various firms, potentially exposing them to identity theft and financial fraud.

Kenneth Gathuma, the Director-General of the Business Registration Service, acknowledged the breach and announced investigations, which have included cybersecurity experts from law enforcement agencies.

“Upon receiving reports regarding a potential data breach affecting the company registry’s information, we activated our Incident Response Plan,” Gathuma stated. He said that a comprehensive investigation is underway, with cybersecurity experts collaborating with law enforcement and investigative agencies to assess the situation.

“We are still verifying the details of the alleged breach, including the nature and extent of any compromised data,” he added.