It is a massive attack. Tens of thousands of user accounts of online government services were recently hacked in cyberattacks, Canadian authorities said on Saturday.
The attacks targeted the GCKey service, used by some 30 federal departments, and accounts of the Canada Revenue Agency, the Treasury Board of Canada Secretariat said in a statement.
An investigation launched by the government and the federal police
The passwords and usernames of 9,041 CLeGC account holders "were acquired fraudulently and used to attempt to access government services," authorities said. And about 5,500 accounts of the Canada Revenue Agency were particularly targeted in this attack and another, the authorities said, adding that access to these accounts was suspended to "protect taxpayer information."
An investigation has been opened by the government and the federal police to "determine whether there has been any breach of privacy and whether information has been obtained from these accounts," authorities said.
Changing bank information
According to the public broadcaster CBC, a number of Canadians have reported, since the beginning of August, having had their banking information associated with their Canada Revenue Agency account changed. Payments related to the Canadian Emergency Benefit, financial assistance put in place by the government due to the Covid-19 epidemic, were also issued on their behalf without their requesting it.
The type of attack implemented, called “credential stuffing”, uses usernames and passwords collected during previous account hacks, taking advantage of the fact that many Internet users use the same codes for several accounts. , the authorities said.
Society
Government services, constant target of criminal hackers
World
United States: Several government sites hacked by pro-Daesh messages
- By the Web
- Internet
- Password
- Canada
- Government
- Accounts
- Cyber attack
- Piracy