Canada Revenue Agency locks 800,000 accounts, cites possible email ‘phishing’ schemes

The Canada Revenue Agency (CRA) headquarters Connaught Building is pictured in Ottawa on Monday, Aug. 17, 2020. The Canada Revenue Agency won't say when it expects its website to return to normal. THE CANADIAN PRESS/Sean Kilpatrick

The Canada Revenue Agency says it has locked roughly 800,000 accounts after a routine check found that the login information was available to “unauthorized individuals.”

The tax agency says impacted users will be locked out of their accounts as a preventive measure until they create a new user ID and password.

The CRA says the accounts were not compromised as a result of a breach of the agency’s online systems.

Advertisement

Instead, the federal agency says the login information may have been obtained by unauthorized third parties and through a variety of means by sources external to the CRA, including email phishing schemes.

The statement comes less than a month after the tax agency said an unspecified number of user IDs and passwords may have been accessed by unauthorized individuals “through a variety of means by sources external to the CRA.'”

The federal agency said in February the accounts had not been compromised by a cyberattack but were locked as a preventive measure.

MORE FROM Business

333 Bloor Street East, Toronto, Ontario M4W 1G9 © 2002 - 2024 Rogers Media. All rights reserved.