A credential stuffing attack targeting Canada Revenue Agency (CRA) accounts has forced the government tax collector to suspend its online services over the weekend.
The compromised accounts were linked to the GCKey portal, a system used by 30 federal departments allowing citizens to access services such as employment insurance, immigration applications and COVID-19 relief benefits.
While the CRA contained the breach by temporarily shutting down its services, citizens looking to apply for government benefits will be unable to do so.