Canada Revenue Agency grappling with more unauthorized access

A tax inspector in Vancouver, British Columbia used the Canada Revenue Agency's (CRA) computers to look up hundreds of citizens' tax records inappropriately for four years, in what amounts to the largest data breach in the agency's history.

The tax inspector, who ran a personal business on the side, used the agency's system to access the tax records of high net worth individuals in what officials suspected was an attempt to further her business venture.

CRA investigators, who first became aware of the situation two years ago, searched the tax inspector's workstation and found 407 social insurance numbers written on scraps of paper. She appeared to have accessed the tax records for most of them, even though they did not appear to involve cases on which she was working.

The woman, who no longer works for the CRA, accessed the records illegitimately between 2005 and 2008.

The case surely will be embarrassing for the Canada Revenue Agency, which just last month was forced to release internal documents showing that dozens of citizens had their files misappropriated by workers.

Last year, the CRA found that another tax worker, based in Burnaby, BC, had been accessing taxpayer information of single women, one of which he later entered into a personal relationship. He had also accessed the tax information of his former common-law spouse, his mother and a co-worker.

The CRA said that it would not be contacting the taxpayers concerned, as the breach did not constitute a threat to their tax details. It was also working hard to improve its means of detecting unauthorized access, a spokesperson added.