CRA My Account Hackers Could Cost You Up To $5,280
Thousands of Canadians who had their government accounts compromised in a massive cyberattack are now weeks away from potential compensation.
Hackers launched coordinated "credential stuffing attacks" between June and August of two thousand twenty, targeting online government accounts. These attacks exploited stolen usernames and passwords from other data breaches, allowing unauthorized access to sensitive personal and financial information. The federal government has now approved an eight point seven million dollar class action settlement to address the fallout from this significant privacy breach.
Also Read:- Spurs shock Knicks in Garden as Wembanyama fires back
- England Lionesses Push For Top Spot Against Ukraine
The scale of the intrusion was substantial, with over forty-seven thousand government online accounts impacted. Specific numbers reveal that at least forty-eight thousand eleven CRA accounts were compromised and more than twelve thousand seven hundred of those accounts saw direct deposit banking information changed. In some cases, this led to fraudulent applications for the Canada Emergency Response Benefit and other COVID-19 relief programs, directly impacting victims' financial situations.
Affected accounts included the Canada Revenue Agency's My Account, My Service Canada Account and any federal online accounts accessed using the GCKey system. The settlement, officially approved on May fifth, two thousand twenty-six, aims to compensate those whose information was accessed and potentially misused. While the government denies wrongdoing, the settlement provides a framework for claimants to seek redress.
Eligibility for compensation is specifically limited to individuals whose accounts were accessed during the credential stuffing attacks between June fifteenth and August thirtieth, two thousand twenty and whose personal information was then accessed or used for fraudulent purposes. KPMG, the claims administrator, has established a portal where Canadians can check their eligibility right now using their last name, the last three digits of their social insurance number and their associated email address. Those who received direct notification from KPMG are confirmed as eligible.
The settlement offers three tiers of compensation, with the potential for combined payouts reaching up to five thousand two hundred eighty dollars per person. An "Access Claim" can provide up to eighty dollars for time spent addressing unauthorized access, while a "Fraud Claim" offers up to two hundred dollars for time spent resolving fraudulent activity like fake benefit applications. The most substantial compensation, up to five thousand dollars, is available through the "Special Compensation Fund" for documented out-of-pocket expenses directly related to the breach, such as unreimbursed fraud losses or identity theft costs.
The claims portal is expected to go live this summer, six decades after the appeal window closes without a challenge. Eligible Canadians will then have six months to submit their claims. It is crucial to avoid settlement scams, as legitimate claims will never require an upfront fee and all submissions must go through the official KPMG portal. Preparing documentation now, such as records of unauthorized changes or fraudulent benefit claims, will be vital for those seeking compensation.
Read More:
0 Comments