A threat actor using the alias “Kazu” has listed for sale what is claimed to be a massive 2.15 terabytes of data allegedly stolen from M-TIBA, a mobile healthcare and insurance platform serving millions of Kenyans.
Kazu claims the dump includes over 17 million files, containing sensitive medical and financial data used by patients, clinics, and insurance providers.
The dataset is being offered for $9,000, with contact options and a sample dataset accessible through a Telegram channel.
According to the threat actor, the stolen data may include:
- Medical and insurance claim records
- Payment transactions and user identifiers
- Personal and contact information of patients and health providers
- Clinic and insurer account data
The dump is dated October 2025, suggesting the breach occurred recently.
Disclaimer: This report is based on open-source intelligence (OSINT) and dark web monitoring. CyHawk Africa has not independently verified the authenticity of the claimed data. The report is intended solely for cybersecurity awareness and situational intelligence purposes.