Hacking to Blame as more than 48,000 CRA Accounts Show Suspicious Activity

More than 48,000 Canada Revenue Agency (CRA) accounts have been linked with unusual activity, seemingly confirming suspicions of widespread hacking. The spate of cyberattacks included GCKey accounts, potentially leaving several sensitive government departments open to illegal data theft or manipulation. These events led the CRA to shut down its online services and applications, and launch an investigation alongside the RCMP.

The government started to recognize the cyberattacks on August 7, making its findings public a week later. The hackers had implemented a ‘credential stuffing’ method in order to acquire login information. Such security breaches are made possible when account holders use identical usernames and passwords across multiple platforms, or the users overshare personal details on their social media, leaving their login data vulnerable to cybercriminals. Some accounts, once broken into, may even be sold to other criminals via dark websites.

As technology improves, the human element often remains the weak link in security efforts. All manner of scams and sub-optimal digital security habits have been used to hack into accounts in the past.

This year, Covid-19 has been used in hacking scams as well, in order to steal users’ personal information. In many cases, users unwittingly give their information away to scammers because they were fooled by phishing attempts or phony offers of assistance during the pandemic.

The CRA, for its part, has made efforts to control the damage from the hacks. “The CRA will work with individuals affected by identity theft or fraud to help ensure they are not held liable for fraudulent claims and payments made by fraudsters using their account. Individuals whose accounts have been compromised will be offered credit protection services free of charge,” it said.