The Canada Revenue Agency says it will lock more than 800,000 taxpayers out of its online platform tomorrow after an investigation revealed that some usernames and passwords may have been obtained by “unauthorized third parties.”
The agency said the move is precautionary and is being taken after a similar action in February.
“Like the accounts that were locked in February, these user IDs and passwords were not compromised as a result of a breach of CRA’s online systems. Rather, they may have been obtained by unauthorized third parties and through a variety of means by sources external to the CRA,” said CRA in a news release. The agency cited data breaches and email phishing scams as possible sources of compromised personal information.
Following data breaches, items of personal information — such as usernames and passwords — are often made available online through the so-called “dark web”, a part of the internet that can be accessed only through a special browser.
CRA’s move comes in the middle of one of the most complicated tax seasons in recent memory, as millions of Canadians prepare to file taxes after receiving COVID-19 benefits.
Affected taxpayers will have their emails removed from their accounts, the agency said, and will receive instructions on how to regain access to their CRA account.
Those who have signed up for email notifications from CRA My Account will receive emails, while other affected individuals will receive their instructions by mail.
www.cbc.ca 2021-03-12 19:32:52