Canadian Revenue Agency Uses Precautionary Measures
On March 10, 2017 the Canadian Revenue Agency (CRA) took their operations offline after discovering a potential security vulnerability. After 90 minutes, they were back online; however, by mid afternoon on Friday, they took their site offline again. The CRA assured users this was simply a precautionary measure, and they were not forced offline as a result of a successful attack.
By early evening on March 12th, the website was back up and fully functional. They continue to assure citizens their personal information remained secure, and the internet security vulnerabilities have been resolved. The CRA also reported by taking the systems offline, tax refunds will not be delayed and all electronic processing for tax returns have continued as normal.
Official Statement
The CRA released the following statement on their website,
“The Canada Revenue Agency (CRA) is pleased to report that all of its digital services were returned to service on Sunday, March 12 starting at 5:00 p.m. EDT. Individuals, businesses and representatives are now able to file returns, make payments, and access other digital services available through the CRA’s website, including all our secure portals.
The CRA takes the protection of Canadians’ tax information very seriously. Upon becoming aware of an internet vulnerability that affected some computer servers used by websites worldwide, the CRA acted quickly to temporarily take down our online services, including electronic filing, and put in place the necessary maintenance security patches to ensure that all information and systems remained safe. We took this action as a precaution, not as the result of a successful hack or breach.
Tax returns filed have continued to be processed normally throughout the digital service interruption. Canadians should not expect a delay in getting their refund. If you question whether or not the CRA has received your return, you and the CRA have certainty on the filing of returns through a confirmation code that is issued only upon successful transmission. If you did receive a code, your return was successfully filed.
In the last 48 hours, the CRA has worked around the clock with other government departments to implement a solution to address the vulnerability. We are now confident that the solution has been rigorously and successfully tested and services returned online.
The Agency is grateful for the collaboration of the public and our stakeholders, including our Community Volunteer Income Tax Program volunteers, the tax preparer community and the business community, for their cooperation and patience as we worked to resolve this service interruption. We appreciate that this interruption may have been inconvenient and we thank everyone for their patience.”
