In a shocking revelation, the Federal Tax Ombudsman (FTO) has warned that the Federal Board of Revenue’s (FBR) entire IT system is allegedly under the control of cybercriminals, exposing massive vulnerabilities in Pakistan’s tax data infrastructure.
According to an official FTO order issued on Friday, the system has “completely collapsed,” allowing hackers to manipulate data, make unauthorized transactions, and exploit backdoor access without detection. The order stated that these breaches reflect a total failure of FBR’s internal security protocols, with potential insider involvement particularly within Pakistan Revenue Automation Limited (PRAL).
“The system’s sanctity has been severely compromised, making it possible for criminals to operate without any risk of being caught,” the FTO noted, urging the FBR to take immediate corrective measures to safeguard taxpayers’ data and restore integrity to its IT operations.
The investigation found repeated unauthorized changes to taxpayers’ ID passwords especially in the case of a complainant whose credentials were hacked multiple times, even after preventive measures. The FTO highlighted poor internal controls, lack of automated alerts, and inadequate data reconciliation, calling the situation a “critical threat to the entire tax ecosystem.”
The FTO further directed the FBR to pursue legal action against the identified beneficiaries of tax fraud, including possible collusion between taxpayers and FBR or PRAL employees. The Director General I&I-IR was ordered to accelerate efforts to apprehend the alleged masterminds, Shiraz Ahmed and Niaz Ahmed, alongside any insiders involved.
Experts say the incident underscores Pakistan’s urgent need for cybersecurity reforms in public data systems, as continuous breaches could erode confidence in the country’s digital tax infrastructure.