Statement by the Commissioner of the Canada Revenue Agency on the Heartbleed bug - Small businessess from 1 to 80 employees outsource your payroll management to us and let us worry about your payroll processing.
RSS Follow Become a Fan

Delivered by FeedBurner

Recent Posts

Tax changes to expect when you’re expecting
2016 Tax Tips for 2015 Filing Year
From Proprietorship to Corporation - When is the Best Time to Incorporate?
Tax Specialists Brief your Clients About CRA Fraud And E-Mail Scams
Bank of Canada cuts rates again

Most Popular Posts

Help your teenager build credit responsibly
Being an Executor of an Estate
Student Line of Credit
Principal Residence Exemption


aliko nutrition store- isotonix
aliko payroll services
canada revenue news and videos
canadian news
Cross border Tax
Disability awareness and Benefits for disabled
estate planning
Home Car Insurance
Income Splitting Strategies in Retirement
kids and money -set your children up for financial success
life insurance
on line safety tips
online safety tips
Real Estate - Investments / Retirement
Retirement planning
Save your money
small business planning
Tax Information for Students
tax news
tax planning
Tech news


January 2016
July 2015
May 2015
April 2015
February 2015
December 2014
November 2014
September 2014
August 2014
July 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013

powered by


Statement by the Commissioner of the Canada Revenue Agency on the Heartbleed bug

Statement by the Commissioner of the Canada Revenue Agency on the Heartbleed bug
Statement by the Commissioner of the Canada Revenue Agency on the Heartbleed bug
After learning that the Canada Revenue Agency (CRA) systems were vulnerable to the Heartbleed bug, the CRA acted quickly to protect taxpayer information by removing public access to its online services on April 8, 2014.
Since then, CRA worked around the clock to implement a “patch” for the bug, vigorously test all systems to ensure they were safe and secure, and re-launch our online services late yesterday.
Regrettably, the CRA has been notified by the Government of Canada's lead security agencies of a malicious breach of taxpayer data that occurred over a six-hour period. Based on our analysis to date, Social Insurance Numbers (SIN) of approximately 900 taxpayers were removed from CRA systems by someone exploiting the Heartbleed vulnerability. We are currently going through the painstaking process of analyzing other fragments of data, some that may relate to businesses, that were also removed.
The CRA is one of many organizations that was vulnerable to Heartbleed, despite our robust controls. Thanks to the dedicated support of Shared Services Canada and our security partners, the Agency was able to contain the infiltration before the systems were restored yesterday. Further, analysis to date indicates no other CRA infiltrations have occurred either before or after this breach.
Beginning today, the Agency is putting in place measures to support and protect the individuals affected by the breach. Each person will receive a registered letter to inform them of the breach. A dedicated 1-800 number has also been set up to provide them with further information, including what steps to take to protect the integrity of their SIN. The Agency will not be calling or emailing individuals to inform them that they have been impacted – we want to ensure that our communications are secure and cannot be exploited by fraudsters through phishing schemes.
The CRA will also provide those who have been affected with access to credit protection services at no cost. And we will apply additional protections to their CRA accounts to prevent any unauthorized activity.
On April 11, 2014, I informed the Privacy Commissioner of Canada of the breach. The RCMP are investigating.
As the Commissioner of the CRA, I want to express regret to Canadians for this service interruption. In particular, I share the concern and dismay of those individuals whose privacy has been impacted by this malicious act.
CRA online services are safe and secure. The CRA responded aggressively to successfully protect our systems. We have augmented our monitoring and surveillance measures, so that the security of the CRA site continues to meet the highest standards.
I know that all employees of the Canada Revenue Agency join me in appreciation for the cooperation and patience of the public, businesses and representatives as we resolved this situation.
the CRA  services have been restored to full service and the deadline to file tax returns without penalty has been extended until May 5, 2014.
Andrew Treusch

1 Comment to Statement by the Commissioner of the Canada Revenue Agency on the Heartbleed bug:

Comments RSS
rayban yalaecom on June-01-14 12:50 PM
I used to be very pleased to seek out this internet-site.I wanted to thanks on your time for this glorious read!! I definitely enjoying each little little bit of it and I have you bookmarked to check out new stuff you blog post.
Reply to comment

Add a Comment

Your Name:
Email Address: (Required)
Make your text bigger, bold, italic and more with HTML tags. We'll show you how.
Post Comment