Canada Revenue Agency locks 800,000 accounts, cites possible email ‘phishing’ schemes
Posted March 12, 2021 3:23 pm.
Last Updated March 12, 2021 3:37 pm.
The Canada Revenue Agency says it has locked roughly 800,000 accounts after a routine check found that the login information was available to “unauthorized individuals.”
The tax agency says impacted users will be locked out of their accounts as a preventive measure until they create a new user ID and password.
The CRA says the accounts were not compromised as a result of a breach of the agency’s online systems.
Instead, the federal agency says the login information may have been obtained by unauthorized third parties and through a variety of means by sources external to the CRA, including email phishing schemes.
The statement comes less than a month after the tax agency said an unspecified number of user IDs and passwords may have been accessed by unauthorized individuals “through a variety of means by sources external to the CRA.'”
The federal agency said in February the accounts had not been compromised by a cyberattack but were locked as a preventive measure.