On a Wednesday evening in July 2026, our investigative team courtesy of Kenya Insights reviewed a confidential intelligence dossier that has sent ripples through Nairobi’s political and corporate circles, raising uncomfortable questions about the intersection of stolen personal data, political ambition, and the fragile margins that decide electoral outcomes.
The document at the center of this storm alleges that Ronald Karauri, the SportPesa chief executive who made history in 2022 as the first independent candidate ever elected to Parliament from a Nairobi constituency, paid more than Sh25 million for a stolen Safaricom subscriber database and subsequently weaponized that data to micro-target voters in his successful parliamentary bid.
The claim is explosive, specific, and deeply contested, colliding head-on with Safaricom’s own court records which insist that any transaction involving the betting firm collapsed before it was ever finalized.
Both versions cannot be fully true, and the truth, as is often the case in Kenya’s complex data-breach saga, lies somewhere in the labyrinth of court filings, forensic evidence, and political calculations that have defined this years-long controversy.
The dossier’s central allegation is that Karauri, who entered the Kasarani race only after missing out on the Jubilee Party nomination in April 2022, privately acquired the stolen cache of subscriber data in 2019 and later repurposed it as a sophisticated electioneering weapon.
The document names Benedict Kabugi Ndungu as the source, a familiar figure in Kenya’s data-breach narrative who has occupied the role of both whistleblower and defendant in the legal proceedings that have unfolded since the original leak.
What makes this allegation particularly difficult to dismiss outright is the extraordinary paper trail that the underlying breach has already produced in Kenyan courts, combined with the painfully narrow margin by which Karauri secured his seat three years after the alleged transaction.
The margin of victory over his closest challenger, John Njoroge, was just 1,962 votes, in a constituency of 155,405 registered voters where turnout reached only 91,774.
It is precisely this razor-thin victory that gives the micro-targeting allegation its gravitational pull, suggesting that a few thousand well-placed persuasions could have easily shifted the outcome.
The origin story of this entire saga is not in dispute. Sometime around May 2019, Safaricom’s internal systems were compromised, and the personal, financial, and gambling profiles of an estimated 11.5 million subscribers were extracted by insiders and shopped to outside parties.
Court records from the ensuing criminal and civil proceedings describe how Kabugi was drawn into the scheme by an associate identified only as Mark, who wanted a direct line into Kenya’s lucrative betting industry.
Kabugi, by his own account, tested the authenticity of the sample data by entering his own Safaricom credentials and found his personal betting history staring back at him, confirming that the data was genuine and deeply invasive.
What followed, according to those same court records, were two in-person meetings between the sellers and SportPesa’s leadership: the first at Club Milan in Westlands on June 3, 2019, and the second at ABC Place four days later, which became the meeting at which Kabugi was arrested.
Court filings quote Safaricom’s own account of the episode, which insists that the prospective deal between the sellers and SportPesa fell apart not because the company refused the data on principle, but because the sellers could not guarantee an uninterrupted flow of fresh data going forward.
That distinction matters enormously to the dossier now in circulation. If the deal genuinely collapsed in 2019 for lack of a continuous supply, as Safaricom’s own civil pleadings maintain, then the intelligence report’s claim of a completed Sh25 million transaction requires either a second, separate transaction that the courts never heard about, or a fundamental rewriting of what actually happened at ABC Place that week.
This publication has not been able to independently verify which version is correct, and the absence of a definitive answer leaves the allegation suspended in a space between credible suspicion and unproven accusation.
The most significant judicial development in this saga to date is Constitutional Petition No. E095 of 2026, in which Justice Bahati Mwamuye of the High Court’s Constitutional and Human Rights Division delivered a landmark finding against Safaricom in May 2026.
The court held that Safaricom bore constitutional liability for the 2018 to 2019 breach, rejecting the telecom’s long-standing defence that rogue employees acting alone should absorb all responsibility.
Eleven petitioners were awarded Sh900,000 each, a modest sum in isolation, but one that sits atop a far larger and more explosive evidentiary record.
That record includes WhatsApp forensic material that Safaricom itself placed before the court, apparently expecting it to support its defence. It did the opposite.
The communications, spanning June 2018 to May 2019, named a set of external recipients or intermediaries the court described as evidence of a coordinated pattern of data transmission and monetisation, suggesting that the breach was not an isolated incident but part of a systematic exploitation of subscriber information.
However, conspicuously absent from the disclosed communications was any mention of Karauri or SportPesa as a completed transaction.
That omission cuts in two directions, and it is this duality that makes the dossier both compelling and frustratingly incomplete. It could mean, as Karauri’s defenders would likely argue, that the completed commercial exploitation of the breach flowed to entirely different actors, and that SportPesa’s only brush with the data was the failed 2019 approach that both sides agree came to nothing.
Or it could mean, as the dossier’s authors would likely argue, that whatever transaction Karauri is alleged to have concluded was structured deliberately to leave no trace in the communications Safaricom chose to disclose, a separate and more discreet channel than the one that collapsed in public view.
The court in E095 of 2026 was not asked to rule on Karauri’s conduct and did not do so, leaving the question of who ultimately profited from the stolen data hanging in the air.
The dossier’s account of the campaign methodology describes a level of granularity that ordinary Kenyan campaigns, reliant on rallies, posters, and generic bulk SMS, do not typically possess.
It alleges that Karauri’s team conducted ward-by-ward and estate-by-estate mapping of the Kasarani electorate, cross-referencing betting and financial transaction patterns to flag voters susceptible to particular economic promises, and delivering personalised text messages that greeted residents by name and referenced their own neighbourhoods.
If even a fraction of that description is accurate, it would represent one of the more sophisticated and legally fraught uses of stolen personal data in a Kenyan election to date.
The predictive modelling, the psychographic SMS targeting, and the analytical infrastructure allegedly controlled by the campaign team originate from the dossier itself and have not been independently corroborated through court filings, IEBC campaign finance disclosures, or on-the-record technical sources.
They are presented here as serious, specific allegations warranting further scrutiny, not as established fact, but the detail with which they are described lends them a troubling credibility that cannot be easily dismissed.
Karauri’s public life has rarely stayed out of the headlines since that 2022 win, and his relationship with controversy has become almost a defining feature of his political and corporate identity.
The Kasarani MP and SportPesa chief executive has weathered a running battle with the Kenya Revenue Authority, which at one point demanded billions in back taxes from the betting firm and forced the company to deport foreign directors and briefly shutter local operations.
He has more recently found himself defending his personal life against a former partner’s public allegations, exchanging a very public Sh10 million dare with blogger Edgar Obare over recordings the blogger never actually leaked, and facing accusations from influencers he allegedly hired to manage that controversy that he never paid them.
None of that personal drama bears directly on the data allegations, but it does describe a public figure accustomed to controversy breaking around him and to responding by controlling the narrative rather than litigating the underlying claim. Legal observers following the Obare episode have already flagged this pattern, noting that Karauri tends to engage in public spectacles rather than legal processes, a strategy that has served him well in the court of public opinion but leaves substantive questions unresolved.
Kabugi Ndungu, for his part, has spent the years since 2019 positioned simultaneously as whistleblower and litigant, having gone to Safaricom’s own civil pleadings accused of trying to convert himself into a whistleblower only after the original sale attempt fell apart, while separately suing Safaricom for Sh100 million over what he describes as the invasion of his own privacy as a data subject.
A man who occupies both roles at once, seller and victim, whistleblower and litigant, is not an uncomplicated source, and any dossier built substantially on his account needs to be read with that duality in mind. The intelligence report now in circulation, as this publication understands it, is a compilation of claims rather than a verified judicial record, and its central transaction narrative should be read as an allegation, not an established fact.
No court has made a finding that Karauri completed a purchase of the data. No criminal charge names him as a buyer. But the absence of legal conclusion does not negate the seriousness of the questions raised, and the dossier’s existence, coupled with the court’s recent finding against Safaricom, reframes what was once a fringe rumour into a plausible extension of a judicially confirmed pattern.
The High Court has now formally established, through E095 of 2026, that Safaricom’s subscriber data was systematically extracted and trafficked to commercial actors over an extended period, and that the telecom’s own internal governance failures made that trafficking possible.
That finding alone transforms the Karauri allegation from speculation into a question that demands an answer. What the court has not established, and what this dossier alone cannot establish, is that Karauri specifically was a buyer, that Sh25 million specifically changed hands, or that any data he acquired specifically shaped the 1,962-vote margin that put him in Parliament.
These are questions that remain open, and they are questions that will likely persist until either the courts take up the matter directly or the investigative journalism community succeeds in tracing the flow of data from Safaricom’s compromised systems to its ultimate beneficiaries.
We sought comment from Ronald Karauri and from SportPesa’s corporate office regarding the specific allegations contained in the dossier, but neither had responded by the time of publication.
The silence from both the individual at the centre of the allegation and the company he leads is itself notable, though it would be premature to interpret it as anything other than caution.
This publication will update this story with any response received, and will continue to pursue the underlying question the courts have so far left open: who, precisely, did buy the data Safaricom lost in 2019, and what did they do with it?
The stakes of that question extend far beyond one parliamentarian’s political career, touching on the fundamental integrity of Kenya’s electoral process, the security of subscriber data held by major corporations, and the accountability of public figures who may have benefited from information they should never have had access to.
The Kasarani constituency, like every other corner of the country, deserves to know whether its representatives rose to power through legitimate means or through the exploitation of stolen personal information, and the pursuit of that answer is what makes this investigation a matter of urgent public interest.
As the legal proceedings continue and as journalists dig deeper into the documentation that has already emerged from the courts, the picture of what actually happened in 2019 and 2022 will hopefully become clearer.
The dossier stands as a serious and specific allegation, unproven but not implausible, pointing toward a transaction that may have changed the political trajectory of Nairobi County and raised profound questions about the security of Kenya’s digital infrastructure.
The margin of 1,962 votes that delivered Karauri to Parliament is small enough that even a modestly effective data-driven campaign could have made the difference, and the sophistication of the alleged operation suggests exactly the kind of targeted persuasion that stolen data enables.
Whether that is coincidence or consequence is the question that now hangs over the Kasarani MP’s political future and the broader conversation about data protection in Kenya’s electoral politics.











Add Comment