It’s usually the Canada Revenue Agency (CRA) that sues taxpayers..Now, it’s taxpayers suing the CRA for a massive security breach that resulted in hundreds, if not thousands of cases of identity theft..The class action, initiated by Vancouver resident Todd Sweet, alleges the government agency was negligent in protecting users’ personal information by failing to detect a glitch in the system that allowed hackers to bypass even basic safeguards — such as his mother’s maiden name or favourite pet..Now he wants the courts to order the Government of Canada to pay compensation for, among other things, the alleged breach of privacy and credit monitoring services that may be required to repair the harm caused for potentially tens of thousands of users..In July, 2020, unknown hackers managed to log into thousands of online accounts using usernames and passwords stolen elsewhere on the web..They also managed to access social insurance numbers, banking information, phone numbers and addresses to steal someone’s identity — details which were subsequently circulated on the Dark Web .Coming as it did during the height of the pandemic, fraudulent user accounts were used to claim CERB cash and other benefits..The CRA initially said only 5,600 accounts were affected because it took early action to plug the leak, but the true number could be well over 25,000. More than 800,000 accounts were frozen in August 2020 when the payments were going out..One plaintiff’s affidavit — a retired IT security consultant — claimed he only learned of the scam after he got a notice for CERB benefits even though he was ineligible and his direct deposit information had changed. Three years later fraudsters are still attempting to buy cars in his name..The CRA attempted to have the suit dismissed on technical grounds and claims that damages were too inconsistent across plaintiffs to warrant a class action..But in a lengthy 87-page ruling, Judge Richard Southcott found the requirements for certification were met..In a statement on its website, CRA said: “The Government of Canada denies that it did anything wrong. A judge will decide who is right at trial.”.The date for that trial has not yet been set.
It’s usually the Canada Revenue Agency (CRA) that sues taxpayers..Now, it’s taxpayers suing the CRA for a massive security breach that resulted in hundreds, if not thousands of cases of identity theft..The class action, initiated by Vancouver resident Todd Sweet, alleges the government agency was negligent in protecting users’ personal information by failing to detect a glitch in the system that allowed hackers to bypass even basic safeguards — such as his mother’s maiden name or favourite pet..Now he wants the courts to order the Government of Canada to pay compensation for, among other things, the alleged breach of privacy and credit monitoring services that may be required to repair the harm caused for potentially tens of thousands of users..In July, 2020, unknown hackers managed to log into thousands of online accounts using usernames and passwords stolen elsewhere on the web..They also managed to access social insurance numbers, banking information, phone numbers and addresses to steal someone’s identity — details which were subsequently circulated on the Dark Web .Coming as it did during the height of the pandemic, fraudulent user accounts were used to claim CERB cash and other benefits..The CRA initially said only 5,600 accounts were affected because it took early action to plug the leak, but the true number could be well over 25,000. More than 800,000 accounts were frozen in August 2020 when the payments were going out..One plaintiff’s affidavit — a retired IT security consultant — claimed he only learned of the scam after he got a notice for CERB benefits even though he was ineligible and his direct deposit information had changed. Three years later fraudsters are still attempting to buy cars in his name..The CRA attempted to have the suit dismissed on technical grounds and claims that damages were too inconsistent across plaintiffs to warrant a class action..But in a lengthy 87-page ruling, Judge Richard Southcott found the requirements for certification were met..In a statement on its website, CRA said: “The Government of Canada denies that it did anything wrong. A judge will decide who is right at trial.”.The date for that trial has not yet been set.
