RCMP asked Canada Revenue to delay making breach public
‘Deferral’ allowed Mounties to pursue leads in case
The RCMP convinced the Canada Revenue Agency on Friday to delay for three days its announcement that hackers had taken the Social Insurance Numbers of approximately 900 Canadians, the national police says. The announcement came on Monday.
“This deferral permitted us to advance our investigation over the weekend, identify possible offender(s) and has helped mitigate further risk,” an RCMP statement issued Tuesday morning said.
According to the Mounties, “further access to data was no longer possible” after Friday afternoon.
Cpl. Lucy Shorey of the RCMP in Ottawa said she couldn’t say if arrests are imminent or if the suspects are located in Canada or overseas. CRA commissioner Andrew Treusch said in a prepared statement on Monday that the agency will not be calling or emailing individuals to tell them if they were targets.
Instead, they will be sent registered letters with a special 1-800 number to call for information, Treusch said.
Philippe Brideau of the CRA said that he couldn’t say when registered letters will be sent out.
The RCMP statement issued Tuesday said that its investigators “had identified a viable investigative path” at the time it successfully called upon the CRA to hold back on announcing the security breach.
Online tax filing services were shut down Wednesday and all other public federal websites were disabled Friday, prompting fears not only of a major security breach but of a tax crunch if Canadians were unable to file their tax returns on time.
The CRA has granted a five-day grace period for filing taxes after the traditional April 30 deadline in light of the disruption.