Canada Revenue Agency Breach

This is a interesting read. Though I really don’t want to call it a hack it’s more people’s bad practices when comes to passwords, and the lack of 2FA.

Follow up, hear is the official statement from the CRA

https://www.canada.ca/en/treasury-board-secretariat/news/2020/08/statement-from-the-office-of-the-chief-information-officer-of-the-government-canada-on-recent-credential-stuffing-attacks.html