HEARTBLEED BUG BLEEDS SENSITIVE TAX INFORMATION
BY AINSLEY SMITH
In the heat of tax season, the Canada Revenue Agency has had to temporarily cut of off public access to its electronic services over a security concern linked to a flaw in the encryption software used on the agency’s website earlier this week, preventing Canadians from being able to file their taxes online. The security virus, titled the ‘Heartbleed’ bug, enables hackers to intercept usernames and passwords, e-mails and other private information.
Patrick Smith, a partner of Canadian accounting firm EPR, says they are no longer able to eFile client tax returns, which means that customers will be waiting for longer refunds.
“Without access to CRA official websites, we are also unable to access our clients Epass accounts which we access constantly this time of the year to confirm and verify client forward information, tax installments, tax slips, RRSP balances, TFSA balances, statuses of assessments and other vital information,” says Smith.
Smith still suggests taking full precaution to keep private information protected.
“In order to keep yourself protected you should have virus protection, spyware and malware protection, a firewall and you should be routinely updating your computers with updates. Confidential information should also be emailed using encrypted software.”
“The CRA has indicated that they will advance the 2014 tax deadline by the number of days that their servers were originally down. For our firm, we still look at April 30 as the deadline, as we still want to get all our tax work done by the end of the month,” says Smith.
Due to extreme circumstances such as this, customers will be delayed from submitting their personal taxes online, which would result in a delayed tax refund.
At publication , the suspect responsible for this crime has been identified and charged by the RCMP. Stephen Arthuro Solis-Reyes from London, Ontario was accused.
He is expected to appear in court on 17 July 2014