Michael T BabcockMar 7, 2025

For my fellow #sysadmin and #cyberSecurity people, this is a real problem (article at bottom). No matter how secure the web interface and back-end of a system is, you can never properly secure third party systems that interact with your back end. Note the third party factor. Sure you could provide libraries and secure interfaces, but one typo and poof* there goes system security.

https://www.cbc.ca/newsinteractives/features/whos-hacking-cra-accounts
#identityFraud #softwareDevelopment #security #softwareEngineering #banking

Who’s hacking CRA accounts?

Victims of identity theft across the country told CBC's The Fifth Estate that the Canada Revenue Agency wrongly blamed them for claiming bogus refunds. Our journalists set out to uncover the real scammers and where they've been spending taxpayers' money.

Show threadMichael T Babcock

Side note: if you run a business that has accidentally defrauded customers, chasing down #whisteblowers isn't going to help your cause.

https://www.cbc.ca/news/canada/cra-whistleblowers-bogus-refunds-1.7381266

#fraudResponse #fraud #hacked #taxRefunds

CRA launched 'witch hunt' against whistleblowers who exposed millions in bogus refunds, sources say | CBC News

The Canada Revenue Agency is on a “witch hunt” to find whistleblowers who may have spoken to the media and exposed how it has been repeatedly duped into paying out millions in bogus refunds to scammers, according to sources.

CBC
Mar 7, 2025 at 4:48pmWeb