CarePay International A.I CyberSecurity Scoring
CarePay International
Company Information
Website:https://www.carepay.com/
Employees number:134
Number of followers:5,205
NAICS:513
Industry Type:Technology, Information and Internet
Homepage:carepay.com
CarePay International Risk Score (AI oriented)
Between 650 and 699
CarePay InternationalTechnology, Information and Internet
Updated:
01/04/2026
01/04/2026
685/1000
Weak
B
CarePay International Global Score (TPRM)
xxxx
CarePay InternationalTechnology, Information and Internet
Score locked

CarePay InternationalWeak
Current Score
685B (WEAK)
01000
2 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
689
JUNE 2026
689
MAY 2026
687
APRIL 2026
686
MARCH 2026
684
FEBRUARY 2026
683
JANUARY 2026
682
DECEMBER 2025
681
NOVEMBER 2025
679
OCTOBER 2025
678
SEPTEMBER 2025
676
AUGUST 2025
675
MAY 2025
739
Breach
01 May 2025 • CarePay International
M-Tiba, Mediclinic Southern Africa and Lancet Laboratories: Healthcare Under Attack? Why is Cybersecurity Now Critical?
Cyberattacks on Africa’s Healthcare Sector Escalate, Disrupting Critical Services and Endangering Patients
668
CRITICAL-71
MEDLANCAR1773312928
Cyberattacks on Africa’s Healthcare Sector Escalate, Disrupting Critical Services and Endangering Patients
Africa’s healthcare systems are under siege as cybercriminals exploit rapid digitization to target hospitals, laboratories, and clinics, crippling operations and exposing sensitive patient data. With attacks surging by 38% in 2025 averaging 3,575 weekly incidents healthcare providers face ransomware, data breaches, and regulatory penalties, often with life-threatening consequences.
Recent Attacks Highlight Vulnerabilities
In May 2025, Mediclinic Southern Africa suffered a cyber extortion attack, compromising HR data. Later that year, Lancet Laboratories was penalized under South Africa’s POPIA law for failing to notify patients of a breach, while a ransomware strike on the National Health Laboratory Service disrupted blood test processing nationwide, delaying care for millions. Other incidents included a data breach at Kenya’s M-Tiba platform (managed by CarePay and backed by Safaricom) and an alleged leak of customer data from Morocco’s Pharmacie.ma. Nigeria’s private healthcare sector has emerged as a top target, with attacks accelerating at an alarming rate.
Why Healthcare Is a Prime Target
Legacy systems, underfunded IT teams, and fragmented infrastructure make African healthcare an easy mark. Many institutions rely on open-source AI tools for diagnostics, which often lack enterprise-grade security, while unencrypted patient records stored across disparate systems amplify breach risks. Cybercriminals exploit hospitals’ zero-tolerance for downtime, knowing they are more likely to pay ransoms. Even then, recovery is uncertain: insurers report that in 40% of ransom payments, data or operations remain inaccessible.
Medical records are particularly lucrative, fetching up to $310 per record on the dark web 10 times the value of financial data due to their permanence and utility for identity theft, insurance fraud, and scams.
Mitigation Efforts and Challenges
Experts emphasize integrating cybersecurity into resilience planning, alongside physical safeguards like power backups. Key measures include:
- AI-driven threat detection to counter increasingly sophisticated attacks, including AI-powered phishing (4.5x more effective than traditional methods).
- Phishing-resistant multifactor authentication (MFA) and conditional access to combat credential abuse, a common attack vector.
- Regular audits of third-party integrations, particularly AI and cloud services, to close security gaps.
- Staff training to recognize phishing and enforce role-based access controls.
Despite these steps, underreporting remains rampant, obscuring the full scale of the crisis. As WHO Director-General Tedros Adhanom Ghebreyesus warned, cyberattacks on healthcare “undermine trust in health systems” and, at worst, “cause patient harm and death.” With digital transformation accelerating, securing Africa’s healthcare infrastructure is no longer an IT concern it’s a matter of patient safety.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JUNE 2019
767
Breach
16 Jun 2019 • CarePay International
M-Tiba (CarePay)
M-Tiba Data Breach: Alleged Theft of 17 Million Medical and Personal Records
645
CRITICAL-122
CAR4532345102825
Hackers under the group Kazu claim to have breached M-Tiba, a Safaricom-backed digital health wallet operated by CarePay, stealing 17 million files (2.15TB) of sensitive data. The leaked sample (2GB) includes patients’ names, national ID numbers, dates of birth, phone contacts, medical diagnoses, billing records, and treatment details from 114,000 users (potentially affecting 4.8 million people). The breach also exposed data from 700+ health facilities, including doctor notes, insurance details, and handwritten medical records.The incident, if confirmed, would be one of Kenya’s largest medical data breaches, violating the Data Protection Act (2019), which mandates strict safeguards for health records. M-Tiba neither confirmed nor denied the breach but requested leaked files for investigation. The Office of the Data Protection Commissioner (ODPC) acknowledged the case but declined further comment.Given M-Tiba’s role in health payments, insurance claims, and government subsidies, the breach risks identity theft, financial fraud, and reputational damage to patients, clinics, and insurers. Kenya’s rising cyber threats—including phishing, ransomware, and public-sector attacks—highlight systemic vulnerabilities in digital health infrastructure.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for CarePay International ??
What was CarePay International's A.I Rankiteo Cyber Score in June 2026 ??
What was CarePay International's A.I Rankiteo Cyber Score in May 2026 ??
What was CarePay International's A.I Rankiteo Cyber Score in April 2026 ??
What was CarePay International's A.I Rankiteo Cyber Score in March 2026 ??
What was CarePay International's A.I Rankiteo Cyber Score in February 2026 ??
What was CarePay International's A.I Rankiteo Cyber Score in January 2026 ??
What was CarePay International's A.I Rankiteo Cyber Score in December 2025 ??
What was CarePay International's A.I Rankiteo Cyber Score in November 2025 ??
What was CarePay International's A.I Rankiteo Cyber Score in October 2025 ??
What was CarePay International's A.I Rankiteo Cyber Score in September 2025 ??
What was CarePay International's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on CarePay International's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with CarePay International ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view CarePay International's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?