Canadians attempting to log in to the Canada Revenue Agency’s (CRA) online services Saturday were met with a “systems maintenance” notice instead.
Access to the country’s tax and benefits agency was taken offline on Friday after the CRA became aware of a cybersecurity vulnerability affecting organizations around the globe.
“There is currently no indication that CRA systems have been compromised, or that there has been unauthorized access to taxpayer information because of this vulnerability,” the agency said in a statement.
The CRA said it’s working to secure its systems against potential threats, and online services will resume as soon as possible.
The agency didn’t specify the source of the threat, but a critical vulnerability in a widely used software tool was recently made public.
The flaw in the software, used across industry and government alike, could potentially grant criminals, spies and even programming novices easy access to internal networks where they can loot valuable data, plant malware, erase crucial information and much more.
At least one other public agency in Canada also responded to the threat by temporarily taking down online services.
Ontario’s Metrolinx, which manages the province’s GO Transit system, took down its online services Friday night after a warning from the federal government about a cybersecurity threat.
Services resumed Saturday afternoon after a 17-hour outage. Metrolinx said it upgraded security to protect it from the vulnerability and that no customer, personal or financial files were compromised.
With files from CP24’s Kerrisa Wilson and The Associated Press
