Canada Revenue Agency suspends online services after cyberattacks

Canada Revenue Agency suspends online services after cyberattacks

Many of the hacked CRA accounts were targeted as part of a broader ‘credential stuffing’ attack

The Canada Revenue Agency has temporarily suspended its online services after two cyberattacks in which hackers used thousands of stolen usernames and passwords to fraudulently obtain government services and compromise Canadians’ personal information.

A total of 5,500 CRA accounts were targeted in what the federal government described as two “credential stuffing” schemes, in which hackers use passwords and usernames from other websites to access Canadians’ accounts with the revenue agency.

The decision to suspend CRA’s online services comes at a time when many Canadians and businesses have been using the revenue agency’s website to apply for and access financial support related to the COVID-19 pandemic.

The government is hoping to reinstate online access for businesses on Monday, according to a senior government official. That is when companies struggling due to the pandemic can start to apply for the latest round of federal wage subsidies.

It wasn’t immediately clear what impact the suspension of services will have in terms of other federal benefits, however, including the Canada Child Benefit and Canada Emergency Response Benefit for those affected by COVID-19.

The revenue agency was also vague in terms of what victims of the attack will have to do to get their accounts reinstated after it disabled them to prevent further fraud, saying only that letters will be mailed to those who have been affected.

At least one victim says she has yet to hear anything from the government after someone hacked into her CRA account earlier this month and successfully applied for the $2,000-per-month Canada Emergency Response Benefit for COVID-19.

Leah Baverstock, a law clerk in Kitchener, Ont., says she first realized her account had been compromised and contacted the revenue agency herself when she received several emails from CRA on Aug. 7 saying she had successfully applied for the CERB.

“The lady I spoke to at CRA, she’s said: ‘This is a one-off,’” said Baverstock, who has continued to work through the pandemic and did not apply for the support payments.

“And she told me a senior officer would be calling me within 24 hours because my account was completely locked down. And I still haven’t heard from anybody.”

READ MORE: Thousands of CRA and government accounts disabled after cyberattack

Baverstock expressed frustration at the lack of contact, adding she still does not know how the hackers accessed her account. She has since contacted her bank and other financial institutions to stop the hackers from using her information to commit more fraud.

“I am quite concerned,” she said. “Somebody could be living under my name. Who knows. It’s scary. It’s really scary.”

Many of the hacked CRA accounts were targeted as part of a broader “credential stuffing” attack in which more than 9,000 accounts that Canadians use to apply for and access federal services were compromised.

Those hacked accounts were tied to GCKey, which is used by around 30 federal departments and allows Canadians to access various services such as employment insurance, veterans’ benefits and immigration applications.

“These attacks, which used passwords and usernames collected from previous hacks of accounts worldwide, took advantage of the fact that many people reuse passwords and usernames across multiple accounts,” the Treasury Board of Canada said in a statement.

One-third of those accounts successfully accessed services before all of the affected accounts were shut down, said the Treasury Board, which is responsible for managing the federal civil service as well as the public purse.

Officials are now trying to determine not only how many of those services were fraudulent while the RCMP and federal privacy commissioner have been called in to assess the scale and scope of personal information stolen.

The government warned Canadians to use unique passwords for all online accounts and to monitor them for suspicious activity.

The Canadian Anti-Fraud Centre says more than 13,000 Canadians have been victims of fraud totalling $51 million this year. There have been 1,729 victims of COVID-19 fraud worth $5.55 million.

Lee Berthiaume, The Canadian Press


Like us on Facebook and follow us on Twitter.

Want to support local journalism during the pandemic? Make a donation here.

Canadian Revenue AgencyCyberfraudfraudhackers

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Permission to develop a residential treatment centre providing mental health and addiction recovery is being sought at the Tachick Lake Resort purchased by Carrier Sekani Family Services. (Regional District of Bulkley-Nechako photo)
Treatment centre eyed at former Tachick Lake Resort near Vanderhoof

Carrier Sekani Family Services awaiting adoption of rezoning bylaw

An aerial shot of Cedar Valley Lodge this past August, LNG Canada’s newest accommodation for workers. This is where several employees are isolating after a COVID-19 outbreak was declared last Thursday (Nov. 19). (Photo courtesy of LNG Canada)
41 positive COVID-19 cases associated with the LNG Canada site outbreak

Thirty-four of the 41 cases remain active, according to Northern Health

The North Country Inn and Restaurant in Vanderhoof notified the public Friday morning of a positive, COVID-19 case for one of its workers. (Facebook photo)
North Country Inn and Restaurant employee tests positive for COVID-19

The North Country Inn and Restaurant said the employee had not been in contact with its patrons

Cases have gone up in Northern Health in the past week, as they have all over B.C. (K-J Millar/Black Press Media)
Northern Health reports new highest number of COVID-19 cases in one day

Nineteen cases were reported to Public Health last Tuesday (Nov. 17)

FILE – British Columbia provincial health officer Dr. Bonnie Henry wears a face mask as she views the Murals of Gratitude exhibition in Vancouver, on Friday, July 3, 2020. THE CANADIAN PRESS/Darryl Dyck
Masks now mandatory in all public indoor and retail spaces in B.C.

Many retailers and businesses had voiced their frustration with a lack of mask mandate before

A man wearing a face mask to help curb the spread of COVID-19 walks in downtown Vancouver, B.C., Sunday, Nov. 22, 2020. The use of masks is mandatory in indoor public and retail spaces in the province. THE CANADIAN PRESS/Darryl Dyck
B.C. records deadliest day of pandemic with 13 deaths, 738 new COVID-19 cases

Number of people in hospital is nearing 300, while total cases near 30,000

(File photo)
Alberta woman charged after allegedly hitting boy with watermelon at Okanagan campsite

Police say a disagreement among friends at an Adams Lake campsite turned ugly

Court of Appeal for British Columbia in Vancouver. (File photo: Tom Zytaruk)
B.C. woman loses appeal to have second child by using late husband’s sperm

Assisted Human Reproduction Act prohibits the removal of human reproductive material from a donor without consent

Krista Macinnis displays the homework assignment that her Grade 6 daughter received on Tuesday. (Submitted photo)
B.C. mom angry that students asked to list positive stories about residential schools

Daughter’s Grade 6 class asked to write down 5 positive stories or facts

Join Black Press Media and Do Some Good
Join Black Press Media and Do Some Good

Pay it Forward program supports local businesses in their community giving

B.C. projects targeting the restoration of sockeye salmon stocks in the Fraser and Columbia Watersheds will share in $10.9 million of federal funding to protect species at risk. (Kenny Regan photo)
13 projects protecting B.C. aquatic species at risk receive $11 million in federal funding

Salmon and marine mammals expected to benefit from ecosystem-based approach

Barrels pictured outside Oliver winery, Quinta Ferreira, in May. (Phil McLachlan - Black Press Media)
B.C. Master of Wine reflects on industry’s teetering economic state

Pandemic, for some wine makers, has been a blessing in disguise. For others, not so much.

An employee of the Adventure Hotel was taken to hospital on Nov. 20 after she confronted a customer of Empire Coffee about not wearing a mask. File photo.
Nelson hotel employee suffers heart attack after being assaulted in anti-mask incident

An accountant at the Adventure Hotel is in hospital in Kelowna

Most Read