FTO Alleges FBR’s Entire IT System Under Control of Cybercriminals

ISLAMABAD: The Federal Tax Ombudsman (FTO) has issued a startling report claiming that the Federal Board of Revenue’s (FBR) entire IT infrastructure has effectively collapsed and fallen under the control of cybercriminals.

According to the FTO’s findings, hackers have unrestricted access to FBR’s systems and can manipulate data, alter records, and execute unauthorized transactions without detection. The order stressed that these vulnerabilities pose a severe threat to the integrity and survival of the FBR’s digital framework.

The investigation began with a complaint under Section 10(1) of the Federal Tax Ombudsman Ordinance, 2000, regarding the unlawful suspension of a taxpayer’s sales tax registration. The complaint later expanded to include repeated hacking incidents, unauthorized access to taxpayer accounts, deletion of original invoices, and the insertion of fake ones.

The FTO noted that despite repeated password changes, the complainant’s account continued to be compromised—indicating possible insider involvement, particularly from employees of Pakistan Revenue Automation Limited (PRAL).

The report highlighted grave weaknesses in system security, including poor data integrity, lack of activity alerts, weak reconciliation between input and output taxes, and unauthorized changes in taxpayer profiles. It further warned of possible collusion between taxpayers and FBR or PRAL staff to exploit these vulnerabilities.

The FTO urged immediate action to restore control, enhance cybersecurity, and safeguard the FBR’s data infrastructure.