The Canadian Government reported suspending hundreds of accounts for users of online government services after cyber attacks on Saturday morning (15). Altogether more than 14 accounts of two government services in the country were compromised.
According to the Government of Canada in a press release, the attacks targeted the Canadian Revenue Agency (CRA) and the GCKey security service, used to access some 30 federal departments. In all of these services, hackers used botnets to drill the security of the systems.
"At dawn on Saturday, a CRA portal was targeted by a large amount of traffic using a botnet in order to access services by filling in credentials," said Marc Brouillard, interim director of information for the government of Canada. "As a precaution, the CRA portal was closed to contain the attack and implement measures to protect services," he adds.
About 9 Canadian accounts in the GCKey system had passwords and usernames stolen, which were later used to try to access government services. Another 5.500 Canadian Revenue Agency accounts were visited on the same day.
According to Canadian authorities, some 14 accounts were victims of the attacks. Credits: Reproduction.
An investigation was initiated by the Canadian government and the country's Federal Police to determine if there were any breach of privacy by the services, as well as what other information was obtained from these users. The responsible authorities announced that suspending these accounts was a way of protecting the victims' privacy.
According to information from the CBC, several Canadians report since the beginning of August that their bank information associated with Canada Revenue Agency accounts has been changed.
Canadian emergency benefit payments, a financial assistance package implemented by the government in response to the new pandemic coronavirus, were also issued in the victims' names without their request.