Some Canadian Revenue Agency emails locked as precaution not cyber security breach

VANCOUVER (NEWS 1130) – It seems a number of people have been locked out of their accounts on the Canada Revenue Agency website, but the CRA assures it is not because of a security breach.

CRA explains in an emailed statement that some Canadians who signed up for alerts may have been notified that their email was removed from their account.

“This step is taken proactively by the CRA as a security precaution in the context of ongoing investigative work, and is not due to a cyber security breach of CRA systems,” reads the statement. “As a further precaution, access to an impacted account gets locked.”

It’s unclear what the investigative work entails or how many accounts are impacted by this. While the CRA says there hasn’t been a breach, it has not responded to several follow up questions to explain if there was an attempted cyber attack.

There’s no word at this time on how long people will be unable to access their accounts, however, the CRA says it’ll be sending a letter by mail to individuals impacted with instructions on how to unlock their accounts.

Deanna Howlett, who lives in the Greater Toronto Area, tells CityNews she’s left with many questions after being locked out and spending more than three hours on hold with the CRA before her call was disconnected.

“What’s going on with my account? Has somebody stolen my identity?” she asks.

In the summer, a credential stuffing attack affected tens of thousands of Canadians and forced the CRA to temporarily shut down its online services.