Vulnerability led the data of Canadian’s accessed by the hackers in the form of cyber attacks
Recently, the Canadian government Websites hit by a massive cyberattack by Hackers.
Due to which the government of Canada Temporarily Shut Down the Websites Services.
Last Saturday, CRA (Canada Revenue Agency) portal was targeted by hackers with large of traffic using a botnet to attack the services through the credential stuffing, More than 300,000 attempts of attacks are done by hackers to get access into accounts and more than 24 government systems are attacked.
Total, more than 11,000 out of 12 million personal accounts were Hacked which includes tax accounts and online portals accessing Covid-19 relief programs.
Most of these accounts are linked to GCKey.
GCKey is a secure portal that allows Canadians to access government services online, these services are also get affected.
There are total of 12 million active GCKey accounts in Canada in which more than 9,000 accounts are affected.
“Credential Stuffing” : Modern Type Reusing
The attacks are based on reused, old, and past hacked usernames and passwords. as a fact people use same and old passwords in their multiple accounts.
These types of attacks are called “credential stuffing”.
Compromised accounts connected to platform, which is used by about 30 federal departments, were shut down when the threat was first discovered.