The Canadian government has agreed to pay $8.7 million to settle a class-action lawsuit related to a significant cyber attack that compromised the personal and financial information of over 48,000 Canadians. The breach occurred between June and August 2020, affecting several Government of Canada accounts, including those of the Canada Revenue Agency (CRA). Hackers exploited the breach to file fraudulent applications for benefits such as the Canadian Emergency Relief Benefit (CERB). The lawsuit was initiated by Todd Sweet after he discovered unauthorized changes to his CRA account. The settlement, which received court approval recently, offers affected individuals compensation for lost time and out-of-pocket expenses related to identity theft, with eligible claimants potentially receiving up to $5,000 for incurred costs.
Why It Matters
This settlement highlights the vulnerabilities in the cybersecurity measures protecting government services and the potential risks posed to personal data. Credential stuffing attacks, like the one experienced in this incident, have become increasingly common as hackers exploit weak security protocols. The breach not only affected individual privacy but also raised concerns about the integrity of government programs designed to provide financial support. With tens of thousands of Canadians impacted, the settlement serves as a reminder of the importance of stringent cybersecurity practices and the need for governmental accountability in safeguarding sensitive information.
Want More Context? 🔎
Loading PerspectiveSplit analysis...
