Tech Worker Accused Of Pulling Inside Job In Massive M-Pesa Theft Case

By  |  July 11, 2023

In a controversial turn of events, it has come to light recently that a group of insider tech workers are mired in a case of funds theft orchestrated via Kenya’s leading mobile money platform, M-Pesa, which left a prominent Kenyan IT firm and multiple banks reeling following a loss of KES 91 M (USD 644 K) back in June 2018.

The revelation has sent ripples of concern through the financial and technology sectors in the country, raising concerns about the vulnerability of digital payment systems and highlighting the importance of robust security measures.

At the centre of the incident is one Gideon Mwangi Kabaru, an in-house software developer who at the time was employed at Craft Silicon, a Kenyan multinational IT firm that provides software solutions for core banking, microfinance, switching and electronic payments.

It is alleged that Kabaru, possibly in tandem with other persons, conspired to exploit weaknesses in the M-Pesa mobile money platform, widely used in Kenya for various transactions. Leveraging their privileged access to the system, the insiders allegedly masterminded a meticulously planned operation to siphon off substantial funds, reports local publication Nation Africa.

According to preliminary investigations, the insiders exploited a combination of technical knowledge, system vulnerabilities, and social engineering tactics to gain unauthorized access to the M-Pesa platform. By carefully manipulating transaction records and diverting funds to various bank accounts, they were able to execute the heist undetected for some time.

Word of the incident only entered the public domain recently, some five years after the breach, following a legal battle that kicked off after the Kabaru was summarily dismissed from Craft Silicon in 2018, following a system audit. Craft Silicon claims they traced the cash leaks to Kabaru, revealing that it was pulled off via an illegally installed application on the IT firm’s M-Pesa server which was used to siphon millions of shillings.

Kabaru maintains that he had nothing to do with the incident, reiterating that he was out of the country at the time while suing for wrongful termination. But a Kenyan court judge, Justice James Rika, ruled last week that Kabaru was “directly or indirectly involved in this fraud” and also reprimanded Craft Silicon for going afoul of Kenya’s labour laws in the process of terminating Kabaru’s employment.

According to court documents, the stolen funds were dispersed across multiple bank accounts to further obfuscate the trail and avoid arousing suspicion. It is believed that the insiders had established a network of accomplices who helped them facilitate the movement and laundering of the illicitly obtained funds. Authorities are understood to be working to track down co-conspirators and recover the loot.

The incident serves as a wake-up call for financial institutions and technology companies to reassess their security protocols and implement more stringent measures to safeguard against internal threats. While external cyberattacks often dominate headlines, this case underscores the significance of insider threats, emphasizing the need for robust monitoring systems, access controls, and employee vetting procedures.

The implications of such a breach could extend beyond financial losses as it’s a strain on public trust in the security of digital payment systems, potentially undermining the widespread adoption of such technologies. Regulators and industry stakeholders would be looking to maintain confidence in the digital financial ecosystem by enacting stricter regulations and promoting transparent security practices.

Most Read


From Desert To Digital: A Deep Dive Into Africa’s Overlooked Region, Sahel

The African-Sahel region, which has immense potential and extends from the Atlantic coast


How Nigeria Fell In—And Out Of—Love With Its Ubiquitous POS Agents

Not long ago, Point-of-Sale (POS) agents were hailed as a revolutionary force reshaping