Suspicious activity found on 48,000 CRA accounts after cyberattacks: treasury board
OTTAWA -- The Treasury Board of Canada says it has uncovered suspicious activities on more than 48,000 Canada Revenue Agency accounts following cyberattacks in July and August.
The treasury says the previously-announced attacks targeted CRA accounts and GCKey, an online portal through which Canadians access employment insurance and immigration services.
Attackers used a method called credential stuffing, which takes advantage of people who reuse usernames and passwords across multiple platforms that may have been previously hacked.
The treasury says GCKey was not compromised, but it has revoked 9,300 credentials for its system and is contacting those users in hopes of blocking subsequent attacks.
Canadians who receive a revocation message can register for new credentials or make use of the SecureKey Concierge, which lets users sign in to 269 government services through partners, such as major banks.
The treasury says the Royal Canadian Mounted Police's investigation into the attacks is still ongoing and affected departments have been in contact with the Office of the Privacy Commissioner to provide updates on what personal information has been compromised.
- More than 5,000 CRA accounts targeted in recent cyberattacks
- CRA resumes online services with new security features after cyberattacks
- Hacked Zoom accounts being sold for less than a penny on dark web: report
- 50 Million Accounts Affected By Huge Facebook Security Breach
- Canada Post urging Mississauga customers to reset their passwords
- Some university students in Mississauga are dating older partners to pay off debt
- Police won’t be stopping and questioning people while stay-at-home order is in effect
- New COVID-19 isolation centre now open in Peel; more coming soon
- Two COVID-19 cases reported at Loblaws in Mississauga
- LATEST: Halton Police have the individual who had barricaded themselves in Oakville in custody