Halifax-area man shares his experience after CRA cyberattack

The Canada Revenue Agency has offices across the country, including this one in Winnipeg. FRANCIS VACHON/THE CANADIAN PRESS IMAGES

Bedford man who had his personal information stolen says he’s frustrated the CRA did not properly inform him he was part of the security breach this summer.

‘The account was in my name in Orleans, Ontario and in the account was my CPP.’

A man from Bedford, N.S., is sharing his experience of having his personal information stolen in the hopes of warning others.Len Goucher says he was among the 5,500 individuals whose information was compromised during a series of cyberattacks on the Canada Revenue Agency (CRA).

The CRA announced the security breach in August, saying that thousands of usernames and passwords were compromised.Read more:What to know (and do) about the CRA breach and shutdownInitially, Goucher wasn’t worried. He knew the CRA was alerting individuals affected and didn’t receive any sort of notification, but then later that month he grew concerned when his Canada Pension Plan (CPP) payment was never deposited into his account.

“I noticed the (Old Age Security) was there but the CPP wasn’t. My wife’s was there, but mine wasn’t,” said Goucher.Story continues below advertisementAfter making some calls, he learned the payment had been deposited but into a different account.“The account was in my name in Orleans, Ont., and in the account was my CPP,” he said.

4:09Better Business Bureau shares cyber tips after CRA hackBetter Business Bureau shares cyber tips after CRA hackIn addition to CPP, the account also had two Canada Emergency Response Benefit (CERB) deposits of $2,000 each.Goucher is retired so he knew he didn’t qualify for CERB and immediately alerted the CRA, as well as the RCMP. His account has since been frozen and he will have to personally call before accessing anything.

Trending StoriesCanadians’ view of U.S. drops to lowest level in nearly 2 decades: pollIt’s inconvenient, Goucher says, but adds he is glad he was able to catch things early. However, he knows that not everyone is so lucky.In a statement, the Canada Revenue Agency said it has noticed an increase in scams targeting taxpayers in the past few years with a focus on the Canada Emergency Response Benefit.

Story continues below advertisementCRA resumes online services after cyberattacks, adds new security featuresGoucher says he is frustrated at the lack of communication from the CRA. It was only after he sorted out the issue, in September, that he finally received a letter from the CRA alerting him of possible fraudulent activity, and even then he says the letter does not acknowledge the CRA had any security breach.

“Regrettably we have been made aware that the login credentials that you use to access certain online sites and applications such as user IDs and passwords may have been acquired and used by external actors,” the letter reads.“They tried to make it look like it was my fault, and that’s wrong,” said Goucher.

“I didn’t do anything wrong and I’m sure anybody in that breach, none of them did anything wrong.”Goucher says he would like the CRA to be more transparent with taxpayers affected, and to ensure they take their own cybersecurity seriously.Goucher has thankfully had his CPP redirected back to his account and is speaking out to encourage everyone to keep a close eye on all accounts and report anything suspicious.

“You’ve got to check your accounts because if you don’t, things can go south very very quickly.”Story continues below advertisementThousands of CRA, government service accounts targeted by hackers in ‘credential stuffing’ attacksThousands of CRA, government service accounts targeted by hackers in ‘credential stuffing’ attacks

“We want to assure all confirmed victims of identity fraud that they will not be held responsible for any money paid out to scammers using their identity,” reads the statement provided by the CRA.“Also, the victims of identity fraud who are eligible for benefit payments will still receive those payments.”

Goucher says he is still worried that someone out there has his personal information and is not sure if there are other accounts that have been opened in his name that he is not aware of yet, but for now he’s taking things one step at a time.“These hackers they’re getting more creative, more deceptive and more covert so every month you’ve got to check, you really have to check because you just don’t know what’s going on behind your back.”