Marc Brouillard, CTO for the Government of Canada, joins fellow senior officials from the Treasury Board of Canada Secretariat, the Canada Revenue Agency, and the Canadian Centre for Cyber Security to provide an update regarding the recent cyber attacks against GCKey and CRA accounts during a technical briefing on Parliament Hill in Ottawa on Monday, Aug. 17, 2020. THE CANADIAN PRESS/Sean Kilpatrick
The Canada Revenue Agency expects online services to be fully restored by Wednesday after hackers used thousands of stolen usernames and passwords to fraudulently obtain government services.
About 5,600 CRA accounts were targeted in what the federal government describes as "credential stuffing" schemes, in which hackers used passwords and usernames from other websites to access Canadians' revenue agency accounts.
Officials say the RCMP is investigating the breaches.
The suspension of CRA's online services comes as many Canadians are using the revenue agency's website to access financial support related to the COVID-19 pandemic.
A senior agency official told a news briefing today that Canadians can still apply for benefit programs by calling 1-800-959-8281.
The government is advising Canadians to use unique passwords for all online accounts and to check for suspicious activity.