On August 17, 2020, the Canada Revenue Agency has temporarily shut down its online services, after it was hit by two cyber attacks in a data breach that compromised the personal information of thousands of Canadians.

The federal government admitted that hackers accessed the Canada Revenue Agency or GCKey accounts, which is an online portal that allows Canadians to access government services like employment insurance and veterans benefits, of an estimated 11,200 Canadians.

The breaches involved fraudulent CERB payments. Email addresses and direct deposit information. “As an additional precaution, the CRA temporarily disabled online services,” affecting access to funds for thousands of people that need that money to pay their bills.

What happened

The hackers were able to do things like change bank account information and apply for government benefits, posing as the owner of the account.

“In this incident, the usernames and passwords that were used were acquired by fraudsters in previous third-party data breaches,” said the CRA. “To help lower the risk of being affected by these kinds of cyberattacks, people are strongly encouraged to avoid reusing passwords for different systems and applications.”The Canada Revenue Agency said Monday it is sending a letter to everyone whose account was hacked. However, in the time it takes for someone to get that letter, those same credentials could be used to strike again if someone has used the same e-mail and password combination for other accounts.

Tips for protecting your data and personal information

Do not use the same user name for multiple accounts and apps.
Do not use the same password for multiple accounts.
Change your passwords regularly.

Patient7

As always, security is our top priority here at Patient7 and we know it’s very important to you, too. Whether the news is directly related to passwords or otherwise, we want our community to be as informed as possible and know how to protect your personal information.