Federal Board of Revenue (FBR) has issued a clarification following reports suggesting that its IT infrastructure had been compromised and fallen under the control of cybercriminals. The tax authority described these media claims as misleading and emphasized that they stemmed from a misinterpretation of an order issued by the Federal Tax Ombudsman (FTO). In its statement, FBR reaffirmed that all its IT systems are fully operational and secure, ensuring continuity of taxpayer services across the country.
The authority clarified that the alleged security incident involved the misuse of a taxpayer’s login credentials and was not the result of a breach of FBR’s systems. According to the FBR, the password in question was never accessed from its database, and the irregular activity was first detected and flagged by its Intelligence and Investigation Wing. The statement highlighted that the responsibility for the incident lay entirely with the individual taxpayer due to weak or predictable password practices.
FBR emphasized that it has strengthened its cybersecurity infrastructure in recent months through comprehensive IT process upgrades. This includes deploying advanced Endpoint Detection and Response (EDR) tools, multi-factor authentication mechanisms, and integrated Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) systems. The authority also noted that all critical vulnerabilities identified in a third-party audit conducted earlier this year have been addressed, further enhancing the resilience of its IT environment.
To reduce potential risks at the user level, FBR urged taxpayers to adopt strong and unique passwords, avoid predictable combinations such as names or dates of birth, and regularly update their credentials. By taking these steps, individuals can reinforce their own security while interacting with FBR’s digital platforms. The tax body reaffirmed its commitment to maintaining the highest standards of cybersecurity, transparency, and operational integrity, assuring the public that its systems remain protected against unauthorized access and emerging cyber threats.
This clarification comes at a time when digital transformation in taxation is expanding, and the FBR continues to implement robust safeguards to protect sensitive financial data. Through these measures, FBR aims to strengthen trust in Pakistan’s digital finance ecosystem and ensure uninterrupted services for taxpayers nationwide.
Follow the SPIN IDG WhatsApp Channel for updates across the Smart Pakistan Insights Network covering all of Pakistan’s technology ecosystem.
