The Canada Revenue Agency (CRA) headquarters Connaught Building is pictured in Ottawa on Monday, Aug. 17, 2020. THE CANADIAN PRESS/Sean Kilpatrick

CRA resumes online services with new security features after cyberattacks

All individuals affected by the cybersecurity breaches will receive a letter from the CRA

The Canada Revenue Agency has resumed all online services after fraudsters used thousands of pilfered usernames and passwords to obtain government services.

The agency disabled the services Saturday after discovering more than 5,000 accounts had been the target of three cyberattacks.

Online access to “My Business Account” resumed Monday and all others were brought back online Wednesday evening.

The agency says it regrets the impacts on Canadians and has modified all its security systems to protect against future cyberattacks.

All individuals affected by the cybersecurity breaches will receive a letter from the CRA explaining how to confirm their identity in order to protect and restore access to their account.

The agency urges everyone using its online services to update their accounts with unique passwords they don’t use for any other purpose.

It also recommends all CRA “My Account” users enable email notifications as an additional measure of security.

They can also opt to use a new security feature that will allow them to set up a unique personal identification number to open an account.

About 5,600 CRA accounts were targeted in what the CRA has described as “credential stuffing” schemes, in which hackers used passwords and usernames from other websites to access Canadians’ CRA accounts.

The first of three attacks last week took aim at the GCKey service, which is used by about 30 federal departments and allows Canadians to access services like the My Service Canada account.

By using the previously stolen usernames and passwords, the perpetrators were able to fraudulently acquire about 9,000 of the some 12 million GCKey accounts.

Separately, CRA’s system was hit by credential stuffing attacks. The perpetrators were able to use previously hacked credentials to access the CRA portal. They were also able to exploit a vulnerability that allowed them to bypass the CRA security questions and get into thousands more accounts.

In addition, the CRA portal was directly targeted with a large amount of traffic trying to attack the services through credential stuffing.

The Canadian Press

Canadacybersecurity

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Oak Bay police seek suspect who broke into liquor store on Cadboro Bay Road

The incident happened at 2:50 a.m. on Thursday, Sept. 17

MISSING: VicPD seeks 33-year-old man last heard from in August

Scott Grier could have been travelling in Alberta, police say

March to protect old growth, stop industrial logging coming to B.C. Legislature

Organizers say they want to give frontline communities a bigger say in nearby logging

Record-breaking 165 new COVID-19 cases diagnosed in B.C. in 24-hour period

Fifty-seven people are in hospital battling the novel coronavirus

B.C. releases details of $1.5B economic recovery plan, $660M in business tax incentives

Economic plan includes support for employers, as well as training for workers

‘Not criminally responsible’ hearing slated for man convicted of Abbotsford school stabbing

Gabriel Klein was found guilty in March of killing Letisha Reimer, 13, in 2016

Vancouver’s shuttered aquarium searching for financial solution amid pandemic

The aquarium needs about $1 million a month to cover its costs

B.C., Alberta sending nearly 300 fire personnel by Friday to help battle wildfires in Oregon

Some 230 firefighters, most from British Columbia but including a number from Alberta, will be deployed Friday

B.C. to begin publicly listing COVID-19 school exposure events

Move follows weeks of criticism from parents, the public

Most Read