CRA online services working again after attacks shut them down for days

By | August 19, 2020

OTTAWA — The Canada Revenue Agency says its online services are now back up and running after being offline for days due to a series of cyberattacks.

The portal that allows Canadians to apply for financial assistance reopened on Wednesday evening, and in a statement the CRA thanked Canadians for their patience and said it has “modified our security systems to protect taxpayer accounts from similar types of attacks in the future.” 

Over the weekend the Canada Revenue Agency temporarily shut down its online services and applications after hackers used thousands of stolen usernames and passwords to fraudulently access government services in three separate but serious breaches, compromising the personal information of thousands.

The temporary online shutdown came as many Canadians and Canadian businesses are still relying on COVID-19 emergency federal aid programs to stay financially afloat, such as those accessing the Canada Emergency Response Benefit.

The CRA was able to re-launch its business portal, allowing employers to access their accounts on August 17, but until 5 p.m. on Wednesday Canadians had to call in to get any information about their individual CRA accounts. 

“The CRA sincerely regrets the impact that these cyber security incidents has had on Canadians. CRA personnel, and our partners, have quite literally been working around the clock to combat the recent attacks, to make sure Canadians’ personal information is safe, and to restore access to services on which Canadians rely,” the revenue agency said in a statement.

Impacted individuals have had their accounts suspended, and the government is working on notifying all affected users and tallying the damage done by these cyberattacks. Those who had their accounts breeched will receive a letter from the CRA explaining how to confirm their identity in order to protect and restore access to their CRA account. 

The CRA is encouraging all users to use unique passwords across websites, and to enable email notifications so they will be notified when changes are made to their CRA accounts, which could act as an early warning of malicious behaviour. 

View original article here Source