Capital Development Authority (CDA) has reportedly been dealing with a significant cyberattack after unknown hackers breached its property and water billing system and demanded a ransom in Bitcoin. According to officials familiar with the matter, the attack has disrupted key revenue collection services for several days and resulted in the compromise of data related to property and conservancy charges. The threat actors are allegedly pressuring the authority to meet their ransom demands by warning that the stolen information could be uploaded to the dark web if payment is not made. The incident has created concern within the civic agency, particularly because June marks the closing month of the financial cycle when a large number of citizens typically settle their property taxes and related dues.
Officials from CDA’s revenue directorate stated that the billing infrastructure had remained affected for three consecutive days, creating operational challenges during a critical period for revenue collection. Efforts to restore services have involved CDA’s Information Technology Department, National Radio and Telecommunication Corporation (NRTC), and other technical teams working to recover affected systems and restore normal operations. Citizens also reported difficulties in accessing online payment services during the disruption. While CDA’s primary website continued to function, the online payment portal remained inaccessible for several hours, preventing residents from clearing bills and taxes through digital channels. CDA maintains records for residential and commercial properties across Islamabad’s urban areas, including data related to allotted plots and property ownership. As a result, any disruption to the billing platform has the potential to affect a large number of property owners who rely on online services for tax and utility payments.
The incident has revived concerns regarding the security of CDA’s digital infrastructure, particularly following a previous cyber incident in 2024 when hackers reportedly gained access to the authority’s website and published data on the dark web. That breach prompted concerns at both the civic agency and federal government levels, leading to increased scrutiny of cybersecurity measures protecting public sector systems. Following the earlier incident, Prime Minister’s Office reportedly took notice of the matter, and CDA board authorized the engagement of a cybersecurity firm through an existing contract to strengthen the security of its digital services and infrastructure. Officials from the IT wing confirmed that a cybersecurity company had been brought in after the 2024 breach as part of efforts to improve resilience against future threats. During the latest incident, questions were also raised regarding the availability of backup data, with one official claiming that CDA and its vendor lacked backups covering the previous six months. However, this assertion was disputed by CDA management.
CDA spokesperson Shahid Kiani confirmed that the authority’s billing systems related to property charges, conservancy fees, and water services were under cyberattack but emphasized that backup data remained secure. According to the spokesperson, recovery efforts are currently underway using secure backup servers to ensure that billing information is restored without data loss. He stated that technical teams are actively working to return the online system to full functionality and restore public access to digital payment services. Mr. Kiani also reassured citizens that all online transactions completed before and during the disruption remain secure because payments were processed through 1 Link and other authorized online banking channels. While the investigation into the attack continues, the incident highlights the growing cybersecurity challenges facing public sector organizations that manage large volumes of sensitive citizen and financial information. The disruption to CDA’s billing services demonstrates how cybercriminals increasingly target critical digital platforms to exert pressure on organizations through ransom demands and threats of data exposure.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
