In 2020, a significant data breach affected multiple platforms run by the Government of Canada. This included the CRA My Account and My Service Canada Account, compromising the personal and financial details of over 47,000 Canadians. The breach led to fraudulent access, where stolen credentials were used to submit false Canada Emergency Response Benefit (CERB) applications in victims’ names.
Following these events, a class action lawsuit was initiated. Earlier this year, a federal court approved a settlement of $8.7 million to compensate those impacted by the breach. The claims portal for this settlement is anticipated to open soon, providing eligible Canadians with a six-month window to file their claims.
Eligibility Criteria for Claiming Funds
To qualify for compensation, individuals must have had their CRA My Account or My Service Canada Account compromised during the data breach, which occurred between June 15 and August 30, 2020. If KPMG has communicated with you regarding the settlement, you are likely eligible.
For direct verification of eligibility, Canadians can visit breachsettlementcanada.kpmg.ca. You will need to provide your last name, the last three digits of your Social Insurance Number (SIN), and your email address.
Important Dates for Filing Claims
The claims portal is not yet live. However, it is expected to become operational sometime this summer. The filing period will commence 60 days after the conclusion of the appeal window for the judgment approval.
Once the portal opens, eligible Canadians will have a six-month period to submit their claims. Claims can be filed through the portal or by calling 1-833-724-6160.
Compensation Breakdown
The compensation for affected individuals is divided into three categories:
- Up to $80: For time spent dealing with unauthorized access to your account.
- Up to $200: For addressing fraudulent use of your personal information, such as unauthorized CERB applications.
- Up to $5,000: For out-of-pocket expenses directly related to the breach, including credit monitoring, professional fees for identity theft, or unreimbursed financial losses.
For claims in the third category, proper documentation will be required. This includes receipts, bank statements, or invoices linking costs directly to the breach.
In summary, affected Canadians must act promptly to secure their rightful compensation following the CRA data breach. Stay informed about the claims process to ensure your eligibility is confirmed.
