A person looks at a Canada Revenue Agency homepage in Montreal, Sunday, Aug. 16, 2020, as the COVID-19 pandemic continues in Canada and around the world. THE CANADIAN PRESS/Graham Hughes

A person looks at a Canada Revenue Agency homepage in Montreal, Sunday, Aug. 16, 2020, as the COVID-19 pandemic continues in Canada and around the world. THE CANADIAN PRESS/Graham Hughes

Thousands of CRA and government accounts disabled after cyberattack

Federal authorities scrambling for answers

Federal authorities were scrambling for answers over the weekend after revealing that hackers used thousands of stolen usernames and passwords to fraudulently obtain government services — with the extent of the damage still unclear.

More than 9,000 hijacked accounts that Canadians use to apply for and access federal services have been cancelled after being compromised in what the Treasury Board of Canada described as “credential stuffing” attacks.

“These attacks, which used passwords and usernames collected from previous hacks of accounts worldwide, took advantage of the fact that many people reuse passwords and usernames across multiple accounts,” the federal department said in a statement.

The hacked accounts were tied to GCKey, which is used by around 30 federal departments and allows Canadians to access various services such as employment insurance, veterans’ benefits and immigration applications.

One-third of those accounts successfully accessed services before all of the affected accounts were shut down, said the Treasury Board, which is responsible for managing the federal civil service as well as the public purse.

READ MORE: Twitter racing to unravel mystery cyberattack

Officials are now trying to determine how many of those services were fraudulent.

The GCKey attack included thousands of Canada Revenue Agency accounts, through which Canadians can access their income-tax records and other personal information as well as apply for financial support related to the COVID-19 pandemic.

A total of 5,500 CRA accounts were targeted through the GCKey attack and an earlier “credential stuffing” scheme, the Treasury Board said.

“Access to all affected accounts has been disabled to maintain the safety and security of taxpayers’ information and the Agency is contacting all affected individuals and will work with them to restore access to their CRA MyAccount,” the Treasury Board said in a statement.

The department did not reveal how many of the CRA accounts were compromised or the cost of the suspected fraud, but said federal officials as well as the RCMP and federal privacy commissioner were conducting separate investigations.

It also did not say how Canadians in receipt of services such as the Canada Child Benefit or Canada Emergency Response Benefit for those affected by COVID-19 would be affected.

Revelations of the GCKey attack follow earlier concerns and reports from some Canadians that they were being targeted by hackers during the pandemic, with some reporting thousands of dollars in CERB payments for which they did not apply.

READ MORE: To get the latest news on Vancouver Island, B.C., Canada and the world delivered to your inbox daily, click here.

The government warned Canadians to use unique passwords for all online accounts and to monitor them for suspicious activity.

The Canadian Anti-Fraud Centre says more than 13,000 Canadians have been victims of fraud totalling $51 million this year. There have been 1,729 victims of COVID-19 fraud worth $5.55 million.

Lee Berthiaume, The Canadian Press

Like us on Facebook and follow us on Twitter 

CanadaCoronaviruscybersecurity

Get local stories you won't find anywhere else right to your inbox.
Sign up here

Just Posted

Columbia Shuswap Regional District staff reviewed its policies around health and safety after an employee tested positive for COVID-19. (File photo)
CSRD reviews COVID-19 policy after employee tests positive

City of Salmon Arm says only one of its staff has tested positive since March

Salmon Arm Secondary student Karly Irmen collected almost 300 lbs of food for the Salvation Army Food bank and dropped it off on Tuesday, Jan. 19. (Jim Elliot-Salmon Arm Observer)
Salmon Arm Secondary student organizes 295-lb food bank donation

A large amount of clothes was also collected to support local Salvation Army

Calls for potential overdoses in B.C. spiked in 2020, especially in the Okanagan - Shuswap. Pictured above is a BCEHS re-enactment of paramedics attending an overdose. (BCHES)
Overdose calls spike in 2020 across the Okanagan – Shuswap

Stats show every major community in Okanagan - Shuswap increased in calls for potential overdoses

The BC SPCA is adapting its fundraising after cancelling events due to COVID-19 restrictions. (Twila Amato - Black Press Media)
BC SPCA gets creative with fundraising as pandemic continues

The non-profit’s in-person fundraising events all had to be cancelled due to COVID-19 restrictions

Interior Health has declared the Cariboo Chilcotin a community cluster. (Angie Mindus photo)
Interior Health declares Cariboo Chilcotin region a COVID-19 cluster, 215 cases since Jan. 1

Most cases are related to transmission at social events and gatherings in Williams Lake

Vernon Fire Rescue Services responded to a single-vehicle rollover Wednesday, Jan. 20, 2021, after a vehicle came into contact with a pedestrian light pole at Kalamalka Lake Road and 14th Avenue. (Brendan Shykora - Morning Star)
Minor injuries in rollover after vehicle hits Vernon crosswalk pole

The vehicle flipped onto its side, closing Kalamalka Lake Road

Penticton city council heard from Dhorea Ramanula, of Paid Employment for People with Lived Experiences Tuesday, Jan. 19. Ramanula’s organization has operated public washrooms in Kelowna staffed by community support workers since April, she says Penticton could benefit from a similar facility. (Michael Rodriguez - Kelowna Capital News)
Penticton interested in new public washroom concept to combat vandalism

Public washrooms with on-site support staff have been operating in Kelowna since April

Canada Post had remove a lot of letter boxes around Penticton after they were vandalized. This letter box at the United Church on Main St. remains unscathed. (Monique Tamminga Western News)
Street mailbox vandals strike Penticton drop boxes

Canada Post had to remove a bunch of the vandalized units

Esa Carriere, 23, was the victim of a 2018 Canada Day homicide. (File)
Youth sentenced in Kelowna Canada Day killing

Young woman pleaded guilty to lesser assault charge, sentenced to 15-month intensive support and supervision program

A rendering of UBC’s planned downtown Kelowna campus. (Contributed)
Kelowna’s new downtown campus to help alleviate UBCO’s space crunch

The sizable development is anticipated to be completed by the fall 2024 semester

Vernon's Noric House long-term care facility is dealing with an influenza outbreak amid the COVID-19 pandemic. (File photo)
Two more deaths at Vernon care home

Noric House case numbers remain steady, but death toll rises

Most Read