The Canada Revenue Agency (CRA) temporarily halted operations after discovering two cyberattacks on its systems where attackers exploited thousands of stolen usernames and passwords to illegally obtain government services and to compromise Canadians’ data, as reported by CBC.
The attacks affected the GCKey service, an online portal that allows Canadians to access government services, used by the CRA, and over 30 federal departments. Hackers compromised passwords and usernames of 9,041 GCKey account holders to access government services. In addition, about 5,500 CRA users’ accounts were targeted in the incident, the authorities said.
According to the CBC, several Canadians have reported that their bank details linked to their CRA agency accounts have been modified by unknown parties. Payments related to the Canadian Emergency Benefit, a financial assistance package from the government in the wake of the pandemic, have also been issued to other bank accounts without their knowledge.
The CRA spokesperson Christopher Doody said, “The CRA quickly identified the impacted accounts and disabled access to these accounts to ensure the safety and security of the taxpayer’s information. The CRA is continuing to analyze both incidents. Law enforcement assistance has been requested from RCMP and an investigation has been initiated.”
329,000 Canadians’ Data Hacked
Recently, the Chartered Professional Accountants of Canada (CPA) disclosed a security breach that affected over 329,000 members and stakeholders of the association. It is said that unknown hackers compromised the CPA Canada website and obtained information related to the distribution of its magazine. The exposed information includes names, home addresses, email addresses, and other sensitive information. However, CPA clarified that information like passwords and credit card numbers were protected by encryption.
“There is no evidence that the encryption keys were affected in this incident and we have no reason to believe the encryption was compromised,” the company said in its security incident report.