Hackers target Capital Development Authority's billing system, demand ransom in Bitcoin

Islamabad's Capital Development Authority (CDA) is grappling with a significant cyberattack, as unknown hackers have reportedly breached its property and water billing system, demanding ransom in Bitcoin.

“

Since it is June (closing month), and a large number of people clear their property and tax dues this month, our systems have been hacked for the last three days.

The breach, which has been ongoing for three days, has compromised CDA data concerning property and conservancy charges. Sources indicate the hackers threaten to publish the compromised data on the dark web if their ransom demands are not met. This incident occurs during June, a critical month when many individuals settle their property and tax dues.

“

Hopefully, the matter will be resolved by Friday (today).

CDA officials, including those from the revenue directorate and the Information Technology Department, are working with their vendor, NRTC, to restore the data. An official expressed hope for a resolution by Friday. Meanwhile, numerous citizens reported being unable to pay their taxes online due to the inaccessibility of CDA's online payment links.

“

CDA’s billing system related to property and conservancy charges and water was under cyberattack, but added that all backup data was safe.

This is not the first security lapse for the CDA; Indian hackers reportedly breached the website in 2024, uploading data to the dark web. Following that incident, the Prime Minister's Office intervened, and the CDA engaged a cybersecurity firm. However, conflicting reports emerged regarding backup data, with one official claiming a six-month data gap, a claim rejected by CDA spokesperson Shahid Kiani. Kiani assured that all backup data is secure and recovery from secure servers is in progress, emphasizing that online payments made through authorized channels remain safe.

“

CDA is currently recovering all billing-related data from its secure backup servers to ensure nothing is lost. Technical teams are working, and the online system will be made functional again very soon.