Canada Revenue Agency spokeswoman Mylene Croteau said the agency is taking precautionary measures because of the threat known as "Heartbleed," an alarming global internet lapse in security that has exposed millions of passwords, credit card numbers and other sensitive bits of information to potential theft by computer hackers.
The breakdown revealed this week affects the encryption technology that is supposed to protect online accounts for emails, instant messaging and a wide range of electronic commerce. Security researchers who uncovered the threat are particularly worried about the breach because it went undetected for more than two years.
This is a busy time of year for the tax agency, as people file returns electronically and track the progress of refunds online.
As of the end of March, the agency had received 6.7 million returns, with 84 per cent filed electronically.
Also Read
"We're on top of this. We had our IT officials working throughout the night," Canada Revenue Minister Kerry-Lynne Findlay said.
"If the issue continues we'll keep posting updates at 3 PM every day," Croteau said.
Heartbleed creates an opening in SSL/TLS, an encryption technology marked by the small, closed padlock and "https:" on Web browsers to signify that traffic is secure. The flaw makes it possible to snoop on Internet traffic even if the padlock had been closed.
Interlopers could also grab the keys for deciphering encrypted data without the website owners knowing the theft had occurred, according to security researchers.
The problem affects only the variant of SSL/TLS known as OpenSSL, but that happens to be one of the most common on the Internet.