
The federal government will have to fork out $8.7 million to settle a class-action lawsuit after hackers got hold of sensitive information from government websites such as the Canada Revenue Agency.
During the first few months of the COVID-19 pandemic, hackers were able to gain access to 47,000 government accounts, which allowed them to apply for emergency benefits, such as the Canadian Emergency Relief Benefit and the Canadian Emergency Student Benefit.
The settlement was reached last December and was approved in court on Tuesday.
“I find that the proposed settlement is fair, reasonable, and in the best interests of the class as a whole,” Federal Court Justice Richard Southcott said in the decision, perCBC News.
Sensitive information exposed
Court documents noted data such as social insurance numbers, direct deposit information, tax information, birth dates, employment records, benefits information, and employment insurance were gathered by hackers, perThe Financial Post.
To settle the claims of the class-action, Ottawa will have to pay $8,760,500.90. This includes compensation, legal fees and taxes. Those whose personal or financial information was breached through hacking between March 1 and Dec. 1, 2020, are entitled to a part of the settlement.
Victims of the financial fraud can receive a settlement of up to $200, while those whose info was accessed but not used for fraud can get up to $80.
Those who had out-of-pocket expenses pertaining to the breach can access a special fund that offers up to $5,000 per person. Claimants are automatically included in the settlement.
What the CRA said
The class-action settlement ends a legal battle that has lasted several years, where victims claimed the federal government and the CRA allowed at least three cyberattacks to happen over the course of a year,CBC Newsreported.
The CRA declined to comment on the case specifically, noting that protecting the personal information of Canadians is a “priority.”
“No organization is immune to cyber incidents or fraudulent activity. This is why the CRA has robust systems and tools in place to monitor, detect, investigate and quickly address potential threats,” a CRA spokesperson said.