A person looks at a Canada Revenue Agency homepage in Montreal, Sunday, Aug. 16, 2020, as the COVID-19 pandemic continues in Canada and around the world. THE CANADIAN PRESS/Graham Hughes

Thousands of CRA and government accounts disabled after cyberattack

Federal authorities scrambling for answers

Federal authorities were scrambling for answers over the weekend after revealing that hackers used thousands of stolen usernames and passwords to fraudulently obtain government services — with the extent of the damage still unclear.

More than 9,000 hijacked accounts that Canadians use to apply for and access federal services have been cancelled after being compromised in what the Treasury Board of Canada described as “credential stuffing” attacks.

“These attacks, which used passwords and usernames collected from previous hacks of accounts worldwide, took advantage of the fact that many people reuse passwords and usernames across multiple accounts,” the federal department said in a statement.

The hacked accounts were tied to GCKey, which is used by around 30 federal departments and allows Canadians to access various services such as employment insurance, veterans’ benefits and immigration applications.

One-third of those accounts successfully accessed services before all of the affected accounts were shut down, said the Treasury Board, which is responsible for managing the federal civil service as well as the public purse.

READ MORE: Twitter racing to unravel mystery cyberattack

Officials are now trying to determine how many of those services were fraudulent.

The GCKey attack included thousands of Canada Revenue Agency accounts, through which Canadians can access their income-tax records and other personal information as well as apply for financial support related to the COVID-19 pandemic.

A total of 5,500 CRA accounts were targeted through the GCKey attack and an earlier “credential stuffing” scheme, the Treasury Board said.

“Access to all affected accounts has been disabled to maintain the safety and security of taxpayers’ information and the Agency is contacting all affected individuals and will work with them to restore access to their CRA MyAccount,” the Treasury Board said in a statement.

The department did not reveal how many of the CRA accounts were compromised or the cost of the suspected fraud, but said federal officials as well as the RCMP and federal privacy commissioner were conducting separate investigations.

It also did not say how Canadians in receipt of services such as the Canada Child Benefit or Canada Emergency Response Benefit for those affected by COVID-19 would be affected.

Revelations of the GCKey attack follow earlier concerns and reports from some Canadians that they were being targeted by hackers during the pandemic, with some reporting thousands of dollars in CERB payments for which they did not apply.

READ MORE: To get the latest news on Vancouver Island, B.C., Canada and the world delivered to your inbox daily, click here.

The government warned Canadians to use unique passwords for all online accounts and to monitor them for suspicious activity.

The Canadian Anti-Fraud Centre says more than 13,000 Canadians have been victims of fraud totalling $51 million this year. There have been 1,729 victims of COVID-19 fraud worth $5.55 million.

Lee Berthiaume, The Canadian Press

Like us on Facebook and follow us on Twitter 

CanadaCoronaviruscybersecurity

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Two new COVID-19 cases reported in Interior Health

The total number of Interior Health cases since the beginning of the pandemic is now at 522

SD 10 secures $3 million in funding to help build Nakusp Elementary School child care centre

The centre will provide 96 new child-care spaces in the village

West Kootenay mother searching for son missing since Sept. 1

Police are investigating the disappearance of Cory Westcott

Man whose crime spree began in Nelson pleads guilty in death of female passenger

Anthony Cortez scheduled to be sentenced for 2017 incidents

Totem pole considered cultural appropriation removed from Nelson’s Hume School

The pole had also become rotted and was seen as dangerous to students

B.C. records 98 more COVID-19 cases, most in Lower Mainland

One new senior home outbreak, Surrey Memorial outbreak over

PHOTOS: 2nd calf in a month confirmed among Southern Resident killer whale pod

Center for Whale Research said they will eagerly await to observe the calf to evaluate its health

2 British Columbians arrested, 3 at large in massive Alberta drug bust

Eight people are facing 33 charges in what police have dubbed Project Incumbent

97 distressed horses, cats and dogs seized from farm in Princeton

RCMP assisted as BC SPCA executed search warrant

$250K reward offered as investigation continues into Sea to Sky Gondola vandalism

Police also asking for specific footage of Sea to Sky highway around time of incident

Trudeau ‘disappointed’ by RCMP treatment of Sikh officers over mask issue

World Sikh Organization of Canada said taking Sikh officers off the front lines constitutes discrimination

Liberals reach deal with NDP on COVID-19 aid bill, likely averting election

NDP and the Liberals have reached an agreement on COVID-19 sick-leave

Money laundering inquiry delayed over of B.C. election: commissioner

Austin Cullen says the hearings will start again on Oct. 26

Lumber hitting record-high prices as supply lags behind demand

B.C.’s forest industry hasn’t been able to keep pace with the COVID-19 building boom

Most Read