IRC admits cyber-attack, system restore and secured

Saturday, 15 February 2025, 9:37 am

IRC office in Downtown Port Moresby. (Image: Supplied)

The Internal Revenue Commission has advised and assured that its core system of Standard Integrated Government Tax Administration system [SIGTAS] has been restored and is secure, however that, a limited amount of internal data may have been accessed.

From few officers at the IRC the system was restore and back to full function on Thursday last week however, it's not functioning effectively.

"Because it just come on, it's quite slow but from time to time it will work well."

The tax office experienced an almost two weeks of system outage, beginning on 28th January but has assured that taxpayer data remains secure within SIGTAS which is said to be protected by multiple layers of security.

Commissioner General Sam Koim in a statement this morning revealed that the "primary impact of the attack was the encryption of virtualisation servers by unauthorized actors." While cyber security experts warn of high risks associated with this sort of system outage and attacks, Koim says the IRC has not engaged with any ransom demands but has instead focused on a structured recovery process with enhanced security measures in place.

Koim has assured key stakeholders and service providers whose systems are interoperable with the IRC that there was no impact to the integration or functionality of these systems.

He added that data exchanges, transactions and communications between the IRC system and its partners have "remained secure and uninterrupted" throughout this incident.

Upon detection of the breach, IRC engaged KPMG to conduct a comprehensive forensic investigation and assist with remediation.

Koim has again assured that the security incident has been managed with data security as IRC's top priority.