Go Back   Runner > Canada Local & World Events > World News

World News Events Happening In our World

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 03-14-2021, 10:25 AM
Runner's Avatar
Runner Runner is offline
Administrator
 
Join Date: Nov 2020
Location: Moose Jaw
Posts: 318
Send a message via Skype™ to Runner
Default Experts call on CRA to 'get serious' about cybersecurity after 800k users locked out

Experts call on CRA to 'get serious' about cybersecurity after 800k users locked out as a precaution

Jill Macyshon, Ross Andersen





TORONTO -- Following a precautionary mass account suspension, cybersecurity experts say the Canada Revenue Agency (CRA) needs to “get serious” about its online security.
This comes after the CRA announced Friday it would be locking out 800,000 online taxpayer accounts following an internal investigation that found user logins and other sensitive information may have been hacked.
“The CRA needs to get serious about security for taxpayers,” tech expert Carmi Levi told CTV National News.
Levi says the CRA serves as a guardian for some of the most important and personal information belonging to Canadians, and protecting it should require more secure passwords and two-factor authentication, which would require users to input a code sent to their phone number in addition to their password to login. The CRA offers this feature, but it's not mandatory to use its web services.
“The time to implement two factor authentication was last summer after the first security event - not months later - and then only making it optional for Canadians,” said Levi.
The mass account suspensions have left many in limbo waiting hours before they are able to get answers in regards to their account information.
In what might be considered the most complicated tax season yet, Canadians who have lost access to their accounts will be unable to regain access until at least March 22, according to the CRA.
Taxpayers can however re-gain access to their CRA account by going to the CRA login page and creating a new CRA user ID and password or by using a different login method associated with their CRA account, the agency says.
“When you consider an account compromised it doesn’t necessarily mean it’s been assessed, it simply means that there is a risk of the account credentials having been lost, stolen or shared,” cybersecurity expert Claudiu Popa told CTV National News.
In August the CRA temporarily shut down its website after thousands of Canadians had their accounts hacked. In February, the agency suspended accounts again over fears of yet another external threat.
The latest account lockouts are a precautionary measure, and the CRA is encouraging users to update their secure login information, but not everyone is impressed with the initiative.
“I already spent 12+ hrs on hold after MyAccount locked in Feb. Now I’m locked out of my new account (with new UNIQUE login/ultra secure pw/2 factor auth) during tax season. What gives @Can Rev Agency," one users wrote on Twitter Saturday.
“I'm one of the 800,000 Canadians locked out of my CRA account today. Wonder how the 'dark web' obtained my password credentials? I think the CRA should give all of us more information about the particular third party breach," tweeted another.
I'm one of the 800,000 Canadians locked out of my CRA account today. Wonder how the 'dark web' obtained my password credentials? I think the CRA should give all of us more information about the particular third party breach. Changing all my passwords now...
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 05:17 PM.


Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.
Copyright ©2020 - 2021, Runner
Ad Management plugin by RedTyger