Safaricom PLC
Company Details
Linkedin ID:
safaricom
Website:
Employees number:
16,081
Number of followers:
541,064
NAICS:
517
Industry Type:
Homepage:
safaricom.co.ke
IP Addresses:
0
Company ID:
SAF_1327667
Scan Status:
In-progress
Safaricom PLC Company CyberSecurity Posture
safaricom.co.ke
Safaricom is the leading provider of converged communication solutions in Kenya. In addition to providing a broad range of first-class products and services for Telephony, Broadband Internet and Financial services, Safaricom seeks to uplift the welfare of Kenyans through value-added services and support for community projects. With over 29 Million subscribers and an estimated market share of 67%, the Company has the widest modern mobile network coverage in Kenya and prides in its experienced shareholders, attractive tariffs, a nationwide network of effective dealers, high caliber staff and management enabling it to maintain its position as the region’s mobile market leader. M-PESA has over 23 million subscribers, supported by a nationwide agent network of over 156,000 outlets. M-PESA is the world's most developed biggest mobile payment system. Facts about Safaricom • Employs over 5,500 staff directly and over 500,000 indirectly • Has approximately 4,945 network sites across the country • 50% of employees and 32% of senior management working at Safaricom are women. • Has the largest call center in Sub-Saharan Africa Our people are our most valuable asset and are key to the achievement of our vision of transforming lives. This is reflected in our commitment to creating a working environment that supports our staff. We offer employees a wellness programme, crèche facilities, access to subsidized gym facilities, leisure amenities, regular social events, competitive salaries and career opportunities. We give back to the society through the Safaricom Foundation. Since inception, the foundation has disbursed 2 billion shillings in different initiatives that provide sustainable community-based solutions, contributing towards Kenya’s development agenda, and the Millennium Development Goals. Safaricom is a key member and supporter of the B Team and the B Team – Africa, alliances of business leaders who are committed to responsible and sustainable business practices.
Safaricom PLC A.I CyberSecurity Scoring
Safaricom PLC Risk Score (AI oriented)Between 750 and 799
Safaricom PLC
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Safaricom PLC Global Score (TPRM)XXXX
Safaricom PLC
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Safaricom PLC Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
Safaricom PLC Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Safaricom PLC
Incidents vs Telecommunications Industry Average (This Year)
No incidents recorded for Safaricom PLC in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Safaricom PLC in 2025.
Incident Types Safaricom PLC vs Telecommunications Industry Avg (This Year)
No incidents recorded for Safaricom PLC in 2025.
Incident History — Safaricom PLC (X = Date, Y = Severity)
Safaricom PLC cyber incidents detection timeline including parent company and subsidiaries
Safaricom PLC Company Subsidiaries
Safaricom is the leading provider of converged communication solutions in Kenya. In addition to providing a broad range of first-class products and services for Telephony, Broadband Internet and Financial services, Safaricom seeks to uplift the welfare of Kenyans through value-added services and support for community projects. With over 29 Million subscribers and an estimated market share of 67%, the Company has the widest modern mobile network coverage in Kenya and prides in its experienced shareholders, attractive tariffs, a nationwide network of effective dealers, high caliber staff and management enabling it to maintain its position as the region’s mobile market leader. M-PESA has over 23 million subscribers, supported by a nationwide agent network of over 156,000 outlets. M-PESA is the world's most developed biggest mobile payment system. Facts about Safaricom • Employs over 5,500 staff directly and over 500,000 indirectly • Has approximately 4,945 network sites across the country • 50% of employees and 32% of senior management working at Safaricom are women. • Has the largest call center in Sub-Saharan Africa Our people are our most valuable asset and are key to the achievement of our vision of transforming lives. This is reflected in our commitment to creating a working environment that supports our staff. We offer employees a wellness programme, crèche facilities, access to subsidized gym facilities, leisure amenities, regular social events, competitive salaries and career opportunities. We give back to the society through the Safaricom Foundation. Since inception, the foundation has disbursed 2 billion shillings in different initiatives that provide sustainable community-based solutions, contributing towards Kenya’s development agenda, and the Millennium Development Goals. Safaricom is a key member and supporter of the B Team and the B Team – Africa, alliances of business leaders who are committed to responsible and sustainable business practices.
Loading...
Safaricom PLC Similar Companies
Huawei is a leading global provider of information and communications technology (ICT) infrastructure and smart devices. With integrated solutions across four key domains – telecom networks, IT, smart devices, and cloud services – we are committed to bringing digital to every person, home and organi
We believe it’s people who give purpose to our technology. So we’re committed to staying close to our customers and providing them the best experience. And delivering the best tech. On the best network. Because our purpose is to build a connected future so everyone can thrive. We build techno
Axiata
AXIATA GROUP BERHAD 242188-H (199201010685) In pursuit of its vision to be The Next Generation Digital Champion, Axiata is a diversified telecommunications and digital conglomerate operating Digital Telcos, Digital Businesses and Infrastructure businesses across a footprint spanning ASEAN and Sout
Bharti Enterprises
Bharti Enterprises is one of India’s leading business group with diversified interests in telecom, financial services, real estate, hospitality, agri and food. Bharti has been a pioneering force in the Indian telecom sector with many firsts and innovations to its credit. Bharti Airtel, the group's
VEON
VEON is a global digital operator headquartered in Dubai, providing connectivity and digital services across dynamic frontier markets that are home to more than 6% of the world’s population. With our digital operators, we transform lives through technology-driven services that empower millions and
Telecom Argentina
We are Telecom Argentina, a connectivity solutions and entertainment company with over 23,000 collaborators throughout the country. We transform the digital experience of our over 28 million customers providing them a secure, flexible and dynamic service on all of their devices, with high speed mobi
Telkomsel
Connecting Nation. Accelerating Indonesia's Future. As Indonesia's leading digital telecommunications company, Telkomsel is committed to building a connected, competitive, and future-ready society. For over 29 years, we've empowered individuals, homes, and businesses with innovative connectivity an
T-Mobile
T-Mobile US, Inc. (NASDAQ: TMUS) is America’s supercharged Un-carrier, delivering an advanced 4G LTE and transformative nationwide 5G network that will offer reliable connectivity for all. T-Mobile’s customers benefit from its unmatched combination of value and quality, unwavering obsession with off
Make a new start. A start that will build beautiful relationships, shape millions of ideas. Enable a new way to live, learn, work and play. At Jio, we build products and services of the future to empower billions of Indians make their dreams a reality. Jio is about YOU. Join the movement to make I
.png)
Safaricom PLC CyberSecurity News
November 20, 2025 03:56 AM
Safaricom Announces 10 Job Vacancies, Invites Qualified Candidates to Apply
Safaricom is hiring for 10 diverse job roles across various departments. Explore opportunities for big data engineers, accountants,...
November 20, 2025 03:23 AM
Safaricom receives CMA Approval for Ksh. 40 billion corporate bond
Safaricom PLC, Kenya's leading telecommunications company, has officially announced that it has secured approval from the Capital Markets...
November 13, 2025 09:45 AM
Safaricom’s Advanced Security Slashes Business Attacks by 90% as National Threats Hit 4.6B
Amid 4.6B national threats, Safaricom claims its "Zero Trust" strategy cut business cyber-attacks by 90%.
November 04, 2025 08:00 AM
Kenya Ill-Prepared to Handle Rising Cybercrime, Experts Warn
Kenya ranks among African countries facing an acute deficit of cybersecurity risk experts. - Kenya breaking news | Kenya news today...
October 31, 2025 07:00 AM
Experts warn that Kenya faces an acute cybersecurity manpower shortage
Kenya has been ranked as one of the countries in Africa that face an acute shortage of cybersecurity risk professionals,
October 30, 2025 07:00 AM
Safaricom in deal with retailer Naivas to sell home Internet routers
Safaricom is counting on Naivas' 110 stores, along with the 61 outlets owned by Quickmart, to expand its reach to consumers outside the...
October 21, 2025 07:00 AM
Kenya’s Digital Ambition Finds A Local Anchor In Safaricom Business Cloud
Safaricom Business cloud solutions are reshaping how Kenyan companies store data, work remotely, and build digital resilience.
October 08, 2025 07:00 AM
Businesses urged to patch software vulnerabilities
Safaricom has called on enterprises to urgently strengthen their cybersecurity platforms, warning that vulnerabilities are leaving many...
October 07, 2025 07:00 AM
Safaricom’s 2025 Sustainable Business Report Shows Record KSh 1.1 Trillion True Value Driven by M-PESA and Social Impact Initiatives
Safaricom (NSE: SCOM) has reported a True Value of Kshs.1.1 trillion, according to the company's latest annual Sustainable Business Report.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Safaricom PLC CyberSecurity History Information
Official Website of Safaricom PLC
The official website of Safaricom PLC is http://safaricom.co.ke/.
Safaricom PLC’s AI-Generated Cybersecurity Score
According to Rankiteo, Safaricom PLC’s AI-generated cybersecurity score is 789, reflecting their Fair security posture.
How many security badges does Safaricom PLC’ have ?
According to Rankiteo, Safaricom PLC currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Safaricom PLC have SOC 2 Type 1 certification ?
According to Rankiteo, Safaricom PLC is not certified under SOC 2 Type 1.
Does Safaricom PLC have SOC 2 Type 2 certification ?
According to Rankiteo, Safaricom PLC does not hold a SOC 2 Type 2 certification.
Does Safaricom PLC comply with GDPR ?
According to Rankiteo, Safaricom PLC is not listed as GDPR compliant.
Does Safaricom PLC have PCI DSS certification ?
According to Rankiteo, Safaricom PLC does not currently maintain PCI DSS compliance.
Does Safaricom PLC comply with HIPAA ?
According to Rankiteo, Safaricom PLC is not compliant with HIPAA regulations.
Does Safaricom PLC have ISO 27001 certification ?
According to Rankiteo,Safaricom PLC is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Safaricom PLC
Safaricom PLC operates primarily in the Telecommunications industry.
Number of Employees at Safaricom PLC
Safaricom PLC employs approximately 16,081 people worldwide.
Subsidiaries Owned by Safaricom PLC
Safaricom PLC presently has no subsidiaries across any sectors.
Safaricom PLC’s LinkedIn Followers
Safaricom PLC’s official LinkedIn profile has approximately 541,064 followers.
NAICS Classification of Safaricom PLC
Safaricom PLC is classified under the NAICS code 517, which corresponds to Telecommunications.
Safaricom PLC’s Presence on Crunchbase
No, Safaricom PLC does not have a profile on Crunchbase.
Safaricom PLC’s Presence on LinkedIn
Yes, Safaricom PLC maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/safaricom.
Cybersecurity Incidents Involving Safaricom PLC
As of November 27, 2025, Rankiteo reports that Safaricom PLC has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Safaricom PLC has an estimated 9,535 peer or competitor companies worldwide.
Safaricom PLC CyberSecurity History Information
How many cyber incidents has Safaricom PLC faced ?
Total Incidents: According to Rankiteo, Safaricom PLC has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Safaricom PLC ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=safaricom' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
