Thousands of CRA accounts affected by CERB-related hacking

Supported By:

Net Patrol International Inc.  Data Investigation and Forensic Services
Bankruptcy and Insolvency Trustees

March 23, 2021 – Chris Chezepock thought he was making a simple call to unlock his online taxpayer account when he rang up the Canada Revenue Agency on Wednesday morning.

Instead, the 31-year-old Toronto man discovered that his identity had been hijacked, with a CRA agent informing him that his banking information changed, and two fraudulent applications had been made under his name for the Canada Emergency Response Benefit.

“It was quite a stressful morning, because I’m thinking what about my credit cards, what about everything?” Mr. Chezepock said.

He is one of nearly 800,000 Canadians who have had their accounts locked by the CRA over security concerns in recent months. And he is also part of an unhappy and growing subset: the more than 10,000 taxpayers whose accounts have been illicitly accessed by hackers, using stolen log-in credentials to try to obtain CERB benefits.

It’s not yet clear how successful those fraudulent efforts were in obtaining CERB benefits, worth $2,000 a month for a maximum payout of $14,000. In a statement, the CRA did not directly respond to a question about how many fraudulent CERB payments had been obtained. But the agency did note in a statement that taxpayers who fall prey to these identity theft attacks will not be responsible for any unauthorized claims, and that it is strengthening security protocols for user log-ins. Globe and Mail reports. | READ MORE