OTTAWA — The Canada Revenue Agency expects online services to be fully restored by Wednesday after hackers used thousands of stolen usernames and passwords to fraudulently obtain government services.
About 5,600 CRA accounts were targeted in what the federal government describes as “credential stuffing” schemes, in which hackers used passwords and usernames from other websites to access Canadians’ revenue agency accounts.
Officials say the RCMP is investigating the breaches.
The suspension of CRA’s online services comes as many Canadians are using the revenue agency’s website to access financial support related to the COVID-19 pandemic.
A senior agency official told a news briefing today that Canadians can still apply for benefit programs by calling 1-800-959-8281.
The government is advising Canadians to use unique passwords for all online accounts and to check for suspicious activity.