Canada Revenue Agency

Statement by the Commissioner of the Canada Revenue Agency on the Heartbleed bug

After learning that the Canada Revenue Agency (CRA) systems were vulnerable to the Heartbleed bug, the CRA acted quickly to protect taxpayer information by removing public access to its online services on April 8, 2014.  

Since then, the CRA worked around the clock to implement a “patch” for the bug, vigorously test all systems to ensure they were safe and secure, and re-launch our online services late yesterday.

Regrettably, the CRA has been notified by the Government of Canada's lead security agencies of a malicious breach of taxpayer data that occurred over a six-hour period. Based on our analysis to date, Social Insurance Numbers (SIN) of approximately 900 taxpayers were removed from CRA systems by someone exploiting the Heartbleed vulnerability. We are currently going through the painstaking process of analyzing other fragments of data, some that may relate to businesses, that were also removed.

Continue reading

RCMP Statement
Frequently Asked Questions

Direct deposit

How to apply for direct deposit.

Continue reading Direct deposit

Direct deposit

Beware of fraudulent communications

They're a scam. The Canada Revenue Agency does not ask for personal information by email. Learn how to protect yourself.

Continue reading Beware of fraudulent communications

Beware of fraudulent communications

Do you owe taxes this year?

Post-date your payment with the CRA pre-authorized debit service.

Continue reading Do you owe taxes this year?

Do you owe taxes this year?

First-time donor's super credit

First-time donors may be eligible for an additional non-refundable tax credit of $250.

Watch the ad First-time donor's super credit

First-time donor's super credit

Community Volunteer Income Tax Program - Need a hand to prepare your tax return?

Continue reading Need a hand to prepare your tax return?

Community Volunteer Income Tax Program

Sustainable development at the CRA

Last year alone, electronic tax filing saved an estimated 771 million sheets of paper. Find out what else the CRA is doing to contribute to sustainable development.

Continue reading Sustainable development at the CRA

Sustainable development at the CRA

News

Email list sign-up | RSS feeds
More news and updates

Learn more / Get help

Fraudulent emails and phone calls – Protect yourself!

The CRA is warning Canadians that fraudulent emails and phone calls purporting to be from the Agency are currently being reported. Find out more about these scams and learn how you can protect yourself.

Statement by the Commissioner of the Canada Revenue Agency on the Heartbleed bug

After learning that the Canada Revenue Agency (CRA) systems were vulnerable to the Heartbleed bug, the CRA acted quickly to protect taxpayer information by removing public access to its online services on April 8, 2014.  

Since then, the CRA worked around the clock to implement a “patch” for the bug, vigorously test all systems to ensure they were safe and secure, and re-launch our online services late yesterday.

Regrettably, the CRA has been notified by the Government of Canada's lead security agencies of a malicious breach of taxpayer data that occurred over a six-hour period. Based on our analysis to date, Social Insurance Numbers (SIN) of approximately 900 taxpayers were removed from CRA systems by someone exploiting the Heartbleed vulnerability. We are currently going through the painstaking process of analyzing other fragments of data, some that may relate to businesses, that were also removed.

Continue reading

RCMP Statement
Frequently Asked Questions

Benefit payment dates