The federal government confirmed a cyberattack exposing emails and phone numbers linked to CRA, ESDC, and CBSA accounts. Image: The Canadian Press
A federal government cyber incident has exposed the emails and phone numbers of several Canadians linked to government accounts.
The breach affected users of the Canada Revenue Agency (CRA), Employment and Social Development Canada (ESDC), and Canada Border Services Agency (CBSA). Officials confirmed the breach after being alerted by a security partner last month.
How the Breach Was Detected
On August 17, cybersecurity provider 2Keys Corporation notified the government about unusual activity.
2Keys supplies the multi-factor authentication tool used for secure access to CRA, ESDC, and CBSA accounts.
The company discovered the breach, reported it quickly, and began working with federal officials.
External cybersecurity experts were brought in to assist with the investigation. Authorities stressed that the response was immediate, aiming to reduce risks for affected users.
What Information Was Compromised
Treasury Board of Canada Secretariat confirmed that only limited data was accessed.
Phone numbers tied to CRA and ESDC accounts were exposed.
Email addresses linked to CBSA accounts were also accessed.
The breach occurred between August 3 and August 15.
The vulnerability was traced back to a routine software update.
That update unintentionally created a gap, which hackers exploited.
How the Attack Was Carried Out
Authorities say the malicious actor used the stolen phone numbers to send spam text messages.
These messages contained a link to a fake government website designed to steal personal details.
Officials warned Canadians to avoid clicking on suspicious links and to remain cautious.
The Treasury Board noted that the fake website was quickly identified and blocked.
No evidence suggests that further sensitive data, such as banking or tax information, was compromised.
Government Response and Assurance
Officials emphasized that the incident was contained and systems have now been secured.
The multi-factor authentication service is fully restored and considered safe for continued use.
The Treasury Board reassured Canadians that there is “no indication of additional personal data being disclosed.”
Government cybersecurity teams continue to monitor for any further suspicious activity.
What Canadians Should Do
Experts recommend Canadians stay alert for phishing attempts.
Avoid sharing personal information through links received in unsolicited emails or texts.
If you receive a suspicious message claiming to be from the government, delete it immediately.
Users are also encouraged to regularly update passwords and enable two-step verification where available.
Why This Matters
Cyberattacks on government systems raise concerns about data safety and public trust.
Even limited breaches can open the door to scams targeting unsuspecting Canadians.
The government’s quick detection and response may have prevented a larger security fallout.
Canadians, however, remain at risk of phishing messages crafted from the stolen data.
While officials insist the damage was limited, the incident is a sharp reminder of growing cyber threats.
Canadians are urged to stay vigilant, watch for scams, and protect their personal information online.
