Safaricom Closes Loophole Granting Free Home Fibre Access
Safaricom has successfully patched a significant security vulnerability within its Home Fibre network that allowed a substantial number of users to gain free or heavily discounted internet access. This long-standing issue, present since at least 2018, was finally resolved in 2024, potentially saving the leading Kenyan telco millions of shillings.
Technical Details and Financial Impact
According to sources familiar with the matter, the flaw originated from deficiencies in Safaricom’s router authentication system, specifically within its Point-to-Point Protocol over Ethernet (PPPoE) setup. While individual usernames were in place, a universal, generic password was accepted across the network. This allowed unauthorized users to exploit the system and gain access, a problem that became more pronounced during Safaricom’s rapid expansion of its fixed internet services. The financial impact of this vulnerability is estimated to be tens of millions of shillings in lost revenue, raising questions about internal control mechanisms as Safaricom continues to solidify its dominance in Kenya’s fixed internet market.
The closure of this loophole highlights the importance of robust security protocols, particularly as African tech companies expand their digital infrastructure and service offerings. Safaricom’s fix is a crucial step in protecting its revenue streams and ensuring fair access for all its Home Fibre customers.
Keywords
Related Keywords: Safaricom router vulnerability, Safaricom home fibre exploit, Safaricom free internet access, Router flaw Safaricom, Safaricom security patch, Home fibre security breach, Safaricom router fix, Safaricom free internet loophole, Safaricom fibre vulnerability
