Entries in Canada Revenue Agency (2)

Sunday
Aug162020

CRA disables online services after 'credential stuffing' cyberattack

Embed from Getty Images 

The Canada Revenue Agency's website was just hit with a "credential stuffing" cyberattack, giving hackers access to 9,041 users' usernames and data. The Government of Canada temporarily shut down access to its online services as the bad actors tried to access GC's services. Approximately 5,500 GCKey service and CRA accounts were affected by this attack and another recent credential stuffing attack. 

The attacks use passwords and usernames taken from previous hacks of accounts globally, taking advantage of the fact that many people reuse passwords and usernames on multiple accounts. Here's another reminder to please use different usernames and passwords for different accounts.

Click to read more ...

Monday
Apr142014

Hackers take 900 Canadian tax IDs using Heartbleed

Hackers were quick to take advantage of the Heartbleed vulnerability and breached the Canada Revenue Agency to take around 900 Social Insurance Numbers and other unidentified business data. According to Engadget, the security breach happened after the public learned about Heartbleed. The agency tried to secure its system immediately but they weren’t apparently fast enough. There are reportedly no other breaches aside from this incident and the authorities are applying more security measures to make sure the compromised accounts won’t be misused.