Canada Revenue Agency suspends online services after cyberattacks

Canada Revenue Agency suspends online services after cyberattacks

Many of the hacked CRA accounts were targeted as part of a broader ‘credential stuffing’ attack

The Canada Revenue Agency has temporarily suspended its online services after two cyberattacks in which hackers used thousands of stolen usernames and passwords to fraudulently obtain government services and compromise Canadians’ personal information.

A total of 5,500 CRA accounts were targeted in what the federal government described as two “credential stuffing” schemes, in which hackers use passwords and usernames from other websites to access Canadians’ accounts with the revenue agency.

The decision to suspend CRA’s online services comes at a time when many Canadians and businesses have been using the revenue agency’s website to apply for and access financial support related to the COVID-19 pandemic.

The government is hoping to reinstate online access for businesses on Monday, according to a senior government official. That is when companies struggling due to the pandemic can start to apply for the latest round of federal wage subsidies.

It wasn’t immediately clear what impact the suspension of services will have in terms of other federal benefits, however, including the Canada Child Benefit and Canada Emergency Response Benefit for those affected by COVID-19.

The revenue agency was also vague in terms of what victims of the attack will have to do to get their accounts reinstated after it disabled them to prevent further fraud, saying only that letters will be mailed to those who have been affected.

At least one victim says she has yet to hear anything from the government after someone hacked into her CRA account earlier this month and successfully applied for the $2,000-per-month Canada Emergency Response Benefit for COVID-19.

Leah Baverstock, a law clerk in Kitchener, Ont., says she first realized her account had been compromised and contacted the revenue agency herself when she received several emails from CRA on Aug. 7 saying she had successfully applied for the CERB.

“The lady I spoke to at CRA, she’s said: ‘This is a one-off,’” said Baverstock, who has continued to work through the pandemic and did not apply for the support payments.

“And she told me a senior officer would be calling me within 24 hours because my account was completely locked down. And I still haven’t heard from anybody.”

READ MORE: Thousands of CRA and government accounts disabled after cyberattack

Baverstock expressed frustration at the lack of contact, adding she still does not know how the hackers accessed her account. She has since contacted her bank and other financial institutions to stop the hackers from using her information to commit more fraud.

“I am quite concerned,” she said. “Somebody could be living under my name. Who knows. It’s scary. It’s really scary.”

Many of the hacked CRA accounts were targeted as part of a broader “credential stuffing” attack in which more than 9,000 accounts that Canadians use to apply for and access federal services were compromised.

Those hacked accounts were tied to GCKey, which is used by around 30 federal departments and allows Canadians to access various services such as employment insurance, veterans’ benefits and immigration applications.

“These attacks, which used passwords and usernames collected from previous hacks of accounts worldwide, took advantage of the fact that many people reuse passwords and usernames across multiple accounts,” the Treasury Board of Canada said in a statement.

One-third of those accounts successfully accessed services before all of the affected accounts were shut down, said the Treasury Board, which is responsible for managing the federal civil service as well as the public purse.

Officials are now trying to determine not only how many of those services were fraudulent while the RCMP and federal privacy commissioner have been called in to assess the scale and scope of personal information stolen.

The government warned Canadians to use unique passwords for all online accounts and to monitor them for suspicious activity.

The Canadian Anti-Fraud Centre says more than 13,000 Canadians have been victims of fraud totalling $51 million this year. There have been 1,729 victims of COVID-19 fraud worth $5.55 million.

Lee Berthiaume, The Canadian Press


Like us on Facebook and follow us on Twitter.

Want to support local journalism during the pandemic? Make a donation here.

Canadian Revenue AgencyCyberfraudfraudhackers

Just Posted

Alberta Premier Jason Kenney arrives at the 2021 budget in Edmonton on Thursday, Feb. 25, 2021.THE CANADIAN PRESS/Jason Franson
Alberta launches COVID vaccine lottery with million-dollar prizes to encourage uptake

The premier says the lottery will offer three prizes worth $1 million a piece, as well as other prizes

The City of Red Deer sits at 249 active cases of the virus, after hitting a peak of 565 active cases on Feb. 22. (Black Press file image)
Red Deer down to 119 active COVID-19 cases

Province identifies 179 new cases Saturday

Member Terry Parsons’ custom built track vehicle.
Forestburg’s Area 53 Racetrack gears up for action-packed season

Site will also host a portion of the ‘Miles of Mayhem’ event in July

Sabrina Wilde in front of a recently purchased monster truck. Submitted.
Thorsby business women a finalist for 2021 Alberta Women’s Entrepreneurship Award

Sabrina Wilde with Lone Wolf Mechanical is a finalist for the entrepreneurial award.

Grade 12 students at Wetaskiwin Composite High School took place in the annual water fight off school property on June 11, 2021. Shaela Dansereau/ Pipestone Flyer.
Graduating students in Wetaskiwin throw water fight after being told it could result in suspension

Students were told their participation could result in them being barred from graduation ceremonies.

Canadian Prime Minister Justin Trudeau participates in a plenary session at the G7 Summit in Carbis Bay, England on Friday June 11, 2021. THE CANADIAN PRESS/Adrian Wyld
Canada donating 13M surplus COVID-19 vaccine doses to poor countries

Trudeau says the government will pay for 87 million shots to be distributed to poor countries

Indigenous Services Minister Marc Miller is seen during a news conference, Wednesday May 19, 2021 in Ottawa. THE CANADIAN PRESS/Adrian Wyld
Indigenous child-welfare battle heads to court despite calls for Ottawa to drop cases

Feds are poised to argue against two Canadian Human Rights Tribunal rulings

The Great Ogopogo Bathtub Race has been held in Summerland as a fundraising event. Do you know which Canadian city introduced this sport? (Black Press file photo)
QUIZ: A summer’s day at the water

How much do you know about boats, lakes and water?

Flowers and cards are left at a makeshift memorial at a monument outside the former Kamloops Indian Residential School to honour the 215 children whose remains are believed to have been discovered buried near the city in Kamloops, B.C., on Monday, May 31, 2021. THE CANADIAN PRESS/Darryl Dyck
‘Pick a Sunday:’ Indigenous leaders ask Catholics to stay home, push for apology

Indigenous leaders are calling on Catholics to stand in solidarity with residential school survivors by not attending church services

“They will never be forgotten, every child matters,” says Sioux Valley Chief Jennifer Bone in a video statement June 1. (Screen grab)
104 ‘potential graves’ detected at site of former residential school in Manitoba

Sioux Valley Dakota Nation working to identify, repatriate students buried near former Brandon residential school

Denmark’s Christian Eriksen receives medical attention after collapsing during the Euro 2020 soccer championship group B match between Denmark and Finland at Parken stadium in Copenhagen, Saturday, June 12, 2021. (AP Photo/Martin Meissner, Pool)
Christian Eriksen in stable condition, Euro 2020 match resumes

Eriksen was given chest compressions after collapsing on the field during a European Championship

As stories of the horrors of residential schools circulate after the Tk’emlups te Secwepemc First Nation announced it had located what are believed to be the remains of 215 children, Grand Chief Stewart Phillip of the Union of B.C. Indian Chiefs said he feels a connection with the former students. THE CANADIAN PRESS/Darryl Dyck
2 sides of the same coin: Ex-foster kids identify with residential school survivors

Grand Chief Stewart Phillip says the child welfare system takes Indigenous children from their families

Airport ground crew offload a plane carrying just under 300,000 doses of the single-shot Johnson & Johnson COVID-19 vaccine which is developed by the Janssen Pharmaceutical Companies at Pearson International Airport during the COVID-19 pandemic in Toronto on Wednesday, April 28, 2021. THE CANADIAN PRESS/Nathan Denette
1st batch of Johnson & Johnson vaccines won’t be released in Canada over quality concerns

The vaccines were quarantined in April before they were distributed to provinces

Most Read