OTTAWA — Hackers fraudulently applied for COVID-19 financial benefits on behalf of 12,700 unsuspecting Canadians after a cyber attack on Canada Revenue Agency’s online system in 2020, court documents reveal.
Thousands of Canadians were stunned to find out in the summer of 2020 that their credentials to login to sensitive online government services like CRA’s MyCRA portal had been compromised by hackers.
The government initially thought that 5,500 CRA accounts had been potentially compromised through two cyber attacks. Both were tied to “credential stuffing” incidents in which hackers try to login to websites illegally on victims’ behalf using troves of stolen credentials.
One month after the CRA hack, the government admitted that forensic analysis revealed “suspicious activities” on 48,500 accounts, nearly 10 times more than first suspected.
No comments:
Post a Comment