Canada Revenue offline

The Canada Revenue Agency has shut down public access to its electronic services website over security concerns related to the "Heartbleed Bug," a newly discovered software flaw that has made information on many of the world’s major websites vulnerable to theft.

In a message posted online, the agency said that it had temporarily closed its services site “to protect the security of taxpayer information."

In a statement released Wednesday morning, the agency confirmed that the site was closed due to concerns related to the "Heartbleed Bug."

"As a result of information received today concerning an Internet security vulnerability name Heartbleed Bug, as a preventative measure, the CRA has temporarily shut down public access to our electronic services to safeguard the integrity of the information we hold," the statement said.

Canadians can file their taxes online at the services site, and use CRA services such as EFILE, NETFILE, My Account, My Business Account and Represent a Client. The deadline for filing a 2013 tax return is April 30.

In the statement, CRA said it recognized that the closure was a "significant inconvenience" for Canadians who use its online services. It said it was working on resolving the issue and restoring online access as soon as possible, "in a manner that ensures the private information of Canadians remains safe and secure."

It added that consideration will also be given to taxpayers who are unable to file their taxes due to the service interruption.

The agency said it will provide an update on the situation daily at 3 p.m. ET on its home page until the situation is resolved.

Meanwhile, Internet security experts are warning people to change all of the passwords used to access websites and services on the Internet, in light of the "Heartbleed" bug, which has potentially exposed peoples' personal data, including passwords and credit card numbers.

The problem was discovered in an encryption technology that's commonly used to secure the content of emails, online financial transactions, instant messaging and social media posts.

The threat is particularly serious, because it went undiscovered for more than two years, experts say.

A software fix was released Monday for companies that use OpenSSL, the affected SSL/TLS encryption technology.

The bug was discovered by researchers at Google and Finnish security firm Codenomicon.


Comments are pre-moderated to ensure they meet our guidelines. Approval times will vary. Keep it civil, and stay on topic. If you see an inappropriate comment, please use the ‘flag’ feature. Comments are the opinions of the comment writer, not of Castanet. Comments remain open for one day after a story is published and are closed on weekends. Visit Castanet’s Forums to start or join a discussion about this story.

More Canada News

Parliament Hill
Parliament Hill Webcam
Recent Trending
Okanagan Oldies
Castanet Proud Member of RTNDA Canada