Canada Revenue Agency grappling with more unauthorized access

Share this article:

A tax inspector in Vancouver, British Columbia used the Canada Revenue Agency's (CRA) computers to look up hundreds of citizens' tax records inappropriately for four years, in what amounts to the largest data breach in the agency's history.

The tax inspector, who ran a personal business on the side, used the agency's system to access the tax records of high net worth individuals in what officials suspected was an attempt to further her business venture.

CRA investigators, who first became aware of the situation two years ago, searched the tax inspector's workstation and found 407 social insurance numbers written on scraps of paper. She appeared to have accessed the tax records for most of them, even though they did not appear to involve cases on which she was working.

The woman, who no longer works for the CRA, accessed the records illegitimately between 2005 and 2008.

The case surely will be embarrassing for the Canada Revenue Agency, which just last month was forced to release internal documents showing that dozens of citizens had their files misappropriated by workers.

Last year, the CRA found that another tax worker, based in Burnaby, BC, had been accessing taxpayer information of single women, one of which he later entered into a personal relationship. He had also accessed the tax information of his former common-law spouse, his mother and a co-worker.

The CRA said that it would not be contacting the taxpayers concerned, as the breach did not constitute a threat to their tax details. It was also working hard to improve its means of detecting unauthorized access, a spokesperson added.

Share this article:
close

Next Article in SC Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

More in SC Canada

Almost 40 percent of Canada's Justice Department duped by phishing

Almost one in four employees at Canada's Justice Department fell prey to internet phishing in an exercise last December.

Microsoft wavers on Canadian spam fears

Microsoft has reconsidered a move to cease security emails in Canada, following the introduction of an anti-spam law north of the border.

Underinvestment, poor communication plague Canadian cybersecurity

Canadian cybersecurity is languishing due to poor communication and disappointing security investments, according to research from the Ponemon Institute.