Canada Revenue Agency suspends online services after cyberattacks

Canada Revenue Agency suspends online services after cyberattacks

Many of the hacked CRA accounts were targeted as part of a broader ‘credential stuffing’ attack

The Canada Revenue Agency has temporarily suspended its online services after two cyberattacks in which hackers used thousands of stolen usernames and passwords to fraudulently obtain government services and compromise Canadians’ personal information.

A total of 5,500 CRA accounts were targeted in what the federal government described as two “credential stuffing” schemes, in which hackers use passwords and usernames from other websites to access Canadians’ accounts with the revenue agency.

The decision to suspend CRA’s online services comes at a time when many Canadians and businesses have been using the revenue agency’s website to apply for and access financial support related to the COVID-19 pandemic.

The government is hoping to reinstate online access for businesses on Monday, according to a senior government official. That is when companies struggling due to the pandemic can start to apply for the latest round of federal wage subsidies.

It wasn’t immediately clear what impact the suspension of services will have in terms of other federal benefits, however, including the Canada Child Benefit and Canada Emergency Response Benefit for those affected by COVID-19.

The revenue agency was also vague in terms of what victims of the attack will have to do to get their accounts reinstated after it disabled them to prevent further fraud, saying only that letters will be mailed to those who have been affected.

At least one victim says she has yet to hear anything from the government after someone hacked into her CRA account earlier this month and successfully applied for the $2,000-per-month Canada Emergency Response Benefit for COVID-19.

Leah Baverstock, a law clerk in Kitchener, Ont., says she first realized her account had been compromised and contacted the revenue agency herself when she received several emails from CRA on Aug. 7 saying she had successfully applied for the CERB.

“The lady I spoke to at CRA, she’s said: ‘This is a one-off,’” said Baverstock, who has continued to work through the pandemic and did not apply for the support payments.

“And she told me a senior officer would be calling me within 24 hours because my account was completely locked down. And I still haven’t heard from anybody.”

READ MORE: Thousands of CRA and government accounts disabled after cyberattack

Baverstock expressed frustration at the lack of contact, adding she still does not know how the hackers accessed her account. She has since contacted her bank and other financial institutions to stop the hackers from using her information to commit more fraud.

“I am quite concerned,” she said. “Somebody could be living under my name. Who knows. It’s scary. It’s really scary.”

Many of the hacked CRA accounts were targeted as part of a broader “credential stuffing” attack in which more than 9,000 accounts that Canadians use to apply for and access federal services were compromised.

Those hacked accounts were tied to GCKey, which is used by around 30 federal departments and allows Canadians to access various services such as employment insurance, veterans’ benefits and immigration applications.

“These attacks, which used passwords and usernames collected from previous hacks of accounts worldwide, took advantage of the fact that many people reuse passwords and usernames across multiple accounts,” the Treasury Board of Canada said in a statement.

One-third of those accounts successfully accessed services before all of the affected accounts were shut down, said the Treasury Board, which is responsible for managing the federal civil service as well as the public purse.

Officials are now trying to determine not only how many of those services were fraudulent while the RCMP and federal privacy commissioner have been called in to assess the scale and scope of personal information stolen.

The government warned Canadians to use unique passwords for all online accounts and to monitor them for suspicious activity.

The Canadian Anti-Fraud Centre says more than 13,000 Canadians have been victims of fraud totalling $51 million this year. There have been 1,729 victims of COVID-19 fraud worth $5.55 million.

Lee Berthiaume, The Canadian Press


Like us on Facebook and follow us on Twitter.

Want to support local journalism during the pandemic? Make a donation here.

Canadian Revenue AgencyCyberfraudfraudhackers

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Emily Keeping of Wetaskiwin, Alta., was last seen at 4:20 p.m. on Feb. 25, 2021 at the FasGas on 49 St and 50 Ave in Wetaskiwin. Supplied/ Wetaskiwin RCMP.
Wetaskiwin RCMP seek assistance in locating missing 11-year-old

Emily Keeping was last seen on Feb. 25, 2021 at the FasGas on 49 St and 50 Ave in Wetaskiwin.

Alberta premier Jason Kenney, right and Doug Schweitzer, Minister of Justice and Solicitor General, provide details about Bill 13, the Alberta Senate Election Act., in Edmonton Alta, on Wednesday June 26, 2019. THE CANADIAN PRESS/Jason Franson
Minister Doug Schweitzer talks on Enhanced COVID-19 Business Benefit

Provincial government rolling out new benefit this April to better help small businesses.

Alberta reported an additional 399 cases of COVID-19 Thursday, on 9,217 tests, for a test positivity rate of 4.3 per cent. (Image courtesy CDC)
Red Deer down to 562 active COVID-19 cases

8 new COVID-19 deaths, 399 additional COVID-19 cases

COVID-19. (Image courtesy CDC)
City of Wetaskiwin COVID-19 deaths increase to five

New COVID-19 death in the City of Wetaskiwin despite decrease in active cases.

City of Red Deer has nearly doubled its active COVID-19 case count since Feb. 10 and has 75.6 per cent of the Central zone’s active cases. (File photo)
Another new high: Red Deer hits 574 active COVID-19 cases

Province reports 13 new COVID-19 deaths, 430 new cases

Bookings for COVID-19 vaccines for people age 75 or older start Wednesday. (File photo by THE CANADIAN PRESS)
Updated: Delays for seniors booking for vaccine appointments

By 9:20 a.m. Wednesday, 4,500 seniors had booked their appointments

Sylvan Lake's Winter Village lured many visitors to the town this winter. The town has launched a new contest to attract a new business.
(Black Press file photo)
Sylvan Lake offering rent-free storefront space to lure new businesses

Winning business proposal will get a storefront space rent-free for a year

NDP leader Jagmeet Singh holds a press conference on Parliament Hill in Ottawa on Wednesday, Feb. 24, 2021. THE CANADIAN PRESS/Sean Kilpatrick
NDP will not trigger election as long as pandemic continues: Singh

‘“We will vote to keep the government going’

Mike Ammeter (Photo by Rebecca Hadfield)
Sylvan Lake man elected chair of Canadian Canola Growers Association

Mike Ammeter is a local farmer located near the Town of Sylvan Lake

Students and staff at Gateway Christian School wore pink Wednesday in support of Pink Shirt Day, a worldwide anti-bullying initiative that was started in 2007. (Photo courtesy of Red Deer Public Schools)
Students, central Alberta community celebrate Pink Shirt Day

Mayor of Sylvan Lake Sean McIntyre supports anti-bullying cause

Red Deer Court of Queen’s Bench Justice Anne Kirker is expected to sentence Satnam Singh Sandhu on Friday. Red Deer Advocate file photo
Updated: Sylvan Lake man pleads guilty to manslaughter for strangling wife in 2019

Kulvinder Sandhu was strangled and died in hospital several days later

Sentencing delayed in the stabbing death of Samantha Sharpe, of Sunchild First Nation. (Red Deer Advocate file photo)
Central Alberta man not criminally responsible for killing his father in 2020: judge

Psychiatrist testified Nicholas Johnson was psychotic when he killed his father

The cover of “Hometown Asylum: A History and Memoir of Institutional Care.” (Submitted)
Ponoka-born author writes history of old mental hospital

“Hometown Asylum: A History and Memoir of Institutional Care” covers 1911 to 1971

Most Read