Canada Revenue Agency suspends online services after cyberattacks

Many of the hacked CRA accounts were targeted as part of a broader ‘credential stuffing’ attack

The Canada Revenue Agency has temporarily suspended its online services after two cyberattacks in which hackers used thousands of stolen usernames and passwords to fraudulently obtain government services and compromise Canadians’ personal information.

A total of 5,500 CRA accounts were targeted in what the federal government described as two “credential stuffing” schemes, in which hackers use passwords and usernames from other websites to access Canadians’ accounts with the revenue agency.

The decision to suspend CRA’s online services comes at a time when many Canadians and businesses have been using the revenue agency’s website to apply for and access financial support related to the COVID-19 pandemic.

The government is hoping to reinstate online access for businesses on Monday, according to a senior government official. That is when companies struggling due to the pandemic can start to apply for the latest round of federal wage subsidies.

It wasn’t immediately clear what impact the suspension of services will have in terms of other federal benefits, however, including the Canada Child Benefit and Canada Emergency Response Benefit for those affected by COVID-19.

The revenue agency was also vague in terms of what victims of the attack will have to do to get their accounts reinstated after it disabled them to prevent further fraud, saying only that letters will be mailed to those who have been affected.

At least one victim says she has yet to hear anything from the government after someone hacked into her CRA account earlier this month and successfully applied for the $2,000-per-month Canada Emergency Response Benefit for COVID-19.

Leah Baverstock, a law clerk in Kitchener, Ont., says she first realized her account had been compromised and contacted the revenue agency herself when she received several emails from CRA on Aug. 7 saying she had successfully applied for the CERB.

“The lady I spoke to at CRA, she said: ‘This is a one-off,’” said Baverstock, who has continued to work through the pandemic and did not apply for the support payments.

“And she told me a senior officer would be calling me within 24 hours because my account was completely locked down. And I still haven’t heard from anybody.”

Baverstock expressed frustration at the lack of contact, adding she still does not know how the hackers accessed her account. She has since contacted her bank and other financial institutions to stop the hackers from using her information to commit more fraud.

“I am quite concerned,” she said. “Somebody could be living under my name. Who knows. It’s scary. It’s really scary.”

Many of the hacked CRA accounts were targeted as part of a broader “credential stuffing” attack in which more than 9,000 accounts that Canadians use to apply for and access federal services were compromised.

Those hacked accounts were tied to GCKey, which is used by around 30 federal departments and allows Canadians to access various services such as employment insurance, veterans’ benefits and immigration applications.

“These attacks, which used passwords and usernames collected from previous hacks of accounts worldwide, took advantage of the fact that many people reuse passwords and usernames across multiple accounts,” the Treasury Board of Canada said in a statement.

One-third of those accounts successfully accessed services before all of the affected accounts were shut down, said the Treasury Board, which is responsible for managing the federal civil service as well as the public purse.

Officials are now trying to determine how many of those services were fraudulent, while the RCMP and federal privacy commissioner have been called in to assess the scale and scope of personal information stolen.

The government warned Canadians to use unique passwords for all online accounts and to monitor them for suspicious activity.

The Canadian Anti-Fraud Centre says more than 13,000 Canadians have been victims of fraud totalling $51 million this year. There have been 1,729 victims of COVID-19 fraud worth $5.55 million.

Lee Berthiaume, The Canadian Press

