With regard to accounts locked by the Canada Revenue Agency (CRA) between March 13, 2021, and March 22, 2021, over concerns that usernames and passwords may have been hacked: (a) how many accounts were locked; (b) what was the average number of days impacted accounts were locked; (c) did the CRA notify each account holder in (a) that their account would be locked, and, if so, how were they contacted; (d) on what date did the CRA become aware that usernames and passwords may have been hacked; (e) how did the CRA become aware of the hacking; (f) is any recourse or compensation available to individuals whose information has been compromised as a result of their CRA information being hacked, and, if so, how do they access such recourse or compensation; and (g) have any specific measures been taken since March 13, 2021, to ensure the future safety of information shared online with the CRA, and, if so, what are the details of each measure, including the date of implementation?
In the House of Commons on May 10th, 2021. See this statement in context.