Canadian tax attack affected nearly 11,200 citizens

Following an attack by Revenue Quebec, the site was automatically unavailable to thousands of daily users.

For a few days was the case. Interviewed the government that charges the platform, realizes well in the countdown has been the victim of a computer attack, the effects of which can weigh heavy in the future.

This article will also interest you: Hacking thousands of tax accounts online

That's more than 3 computer security incidents that compromised the personal information of millions of Canadian citizens. Although today the attack on the tax authorities has been brought under control, the fact remains that it always raises the same questions. The vulnerability of both public and private information systems. By the way, the Canadian tax office site was reinstated a few days ago. Already last Monday, federal government officials were talking about this to do at a press conference in Ottawa.

According to information received from the public regarding the security computer incident, it was mentioned that Revenue Quebec's computer system gave in to a proof-jamd attack. An attack that targeted the Canadian government and was able to be brought under control in the most timely, according to a senior information statement from the Government of Canada Acting Marc Fog.

To take stock of the 3 attacks that targeted the Canadian government's computer systems, the first one that began exactly on August 16, cyber criminals had also done it by jamming evidence. An attack that allowed them to water his information such as passwords and usernames of nearly 9000 CleGC accounts, information used by the 30 departments and agencies of the Canadian government. In all, cyberattacks have gained access to 3400 agency accounts, all linked to Revenue Canada.

"The affected accounts were cancelled as soon as the attack was discovered," notes Mr. Brouillard, "and departments are now contacting concerned citizens to tell them how to obtain a new CmGC. The Royal Canadian Mounted Police (RCMP) was notified of the attack last Tuesday, three days later, and he did not want to speculate on the identity of the perpetrators. ».

With respect to the second computer attack, it was not specifically aimed at the CRA. Precisely last week, and allowed cybercriminals to have access to nearly 2,200 private files of CRA users. The cyberattack was based on a computer system security flaw. A loophole that allowed cyber criminals to bypass a security issue usually used to authenticate users. According to government experts, the vulnerability has been fixed since its discovery.

For the third computer attack, the details of the unfolding of this incident did not in what cases were really detailed by the authorities. All we know, it will take place last Saturday, which forced the CRA, to make unavailable, these three online services " – My File, My Business File and Representing a Client. »

"We were very confident that the control was fine, but af[les événements impliquant]ter the CleGC, we noticed an attack on Saturday and decided to[alors] block and close our portal," said Annette Butikofer, Assistant Commissioner and Chief Information Officer at the CRA.

In summary, it was noted that nearly 11,200 Canadians were victims of these computer attacks in general.

According to Ms. Butikofer, "My Business File service is still functional again, so employers who want to apply for a payroll subsidy can do so now. The OTHER two CRA services – My File and Representing a Client – are expected to be reinstated by midweek. »

Pending the opening of the still unavailable online services, it has been made available to Canadians who are willing to take certain actions.

On this point, Mr. Brouillard noted: "It is often in these attacks that the information is resold on the dark web, it is an accumulation of several, s[informations piratées]o it would be possible that we would never be able to specify exactly the source."

Now access an unlimited number of passwords: