Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Government of Canada

Government of Canada Vendor Cyber Rating & Cyber Score

canada.ca

The Government of Canada works on behalf of Canadians, both at home and abroad. Visit www.Canada.ca to learn more. Canada’s professional, non-partisan public service is among the best in the world, and many of its departments and agencies place in Canada’s Top 100 Employers year after year. If you are interested in joining our diverse and innovative team, visit www.jobs.gc.ca for information and opportunities. Terms: https://www.canada.ca/en/transparency/terms.html Le gouvernement du Canada œuvre au nom des Canadiens, tant au pays qu’à l’étranger. Consultez le site www.canada.ca pour en savoir plus. Impartiale et professionnelle, la fonction publique du Canada fait partie de l’élite mondiale. Bon nombre de ses ministères et


GC A.I CyberSecurity Scoring

GC
Company Information
Website:http://canada.ca
Employees number:145,761
Number of followers:439,893
NAICS:92
Industry Type:Government Administration
Homepage:canada.ca
GC Risk Score (AI oriented)
Between 750 and 799
logo
GCGovernment Administration
Updated:
02/04/2026
797/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
GC Global Score (TPRM)
xxxx
logo
GCGovernment Administration
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

GC
GCFair
Current Score
797Baa (FAIR)
01000
3 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
798Before Incident
JUNE 2026
797Before Incident
MAY 2026
797Before Incident
APRIL 2026
797Before Incident
MARCH 2026
797Before Incident
FEBRUARY 2026
797Before Incident
JANUARY 2026
796Before Incident
DECEMBER 2025
780Before Incident
NOVEMBER 2025
780Before Incident
OCTOBER 2025
779Before Incident
SEPTEMBER 2025
779Before Incident
AUGUST 2025
779Before Incident
MARCH 2020
770Before Incident
Cyber Attack
01 Mar 2020GC
Government of Canada: Canadians could claim up to $5,000 in proposed CRA settlement

Canada Revenue Agency (CRA) and Government of Canada Credential Stuffing Attack

755After Incident
CRITICAL-15
GOV1766174849
Canada Proposes Class-Action Settlement for 2020 Credential Stuffing Attacks on Government Accounts In August 2020, the Canadian government faced credential stuffing attacks targeting the GCKey service and Canada Revenue Agency (CRA) accounts, exposing the personal and financial data of Canadians. The breach prompted a class-action lawsuit filed by Todd Sweet, who alleged that inadequate security measures allowed unauthorized access to government portals, enabling fraudsters to exploit accounts—including filing fraudulent claims for the Canada Emergency Response Benefit (CERB). A proposed settlement was reached in October 2025, with court approval pending for March 31, 2026. The government acknowledged persistent cyber threats but confirmed that affected individuals would be notified directly. ### Eligibility & Compensation Eligible class members include those whose Government of Canada Online Accounts (CRA, My Service Canada, or GCKey-linked accounts) were accessed without authorization between March 1 and December 31, 2020. However, only victims of the June 15–August 30, 2020 credential stuffing attacks—where data was either accessed or used fraudulently—may qualify for payments. Compensation varies by impact: - Access claims: Up to $80 ($20/hour for 4 hours) for time spent addressing the breach. - Fraud claims: Up to $200 ($20/hour for 10 hours) if personal data was used for fraud (e.g., CERB fraud). - Special compensation fund: Up to $5,000 for out-of-pocket expenses (e.g., fraud losses, identity theft fees). Eligible individuals will receive instructions post-approval, with no immediate action required. The final payout amounts may be adjusted based on the number of claims.
INCIDENT DETAILS -
TYPE
Credential Stuffing
MOTIVATION
Financial gain (fraudulent CERB applications)
IMPACT
Data Compromised: Personal and financial informationCRA accountsMy Service Canada accountsGCKey serviceOperational Impact: Unauthorized access to government benefits systemsBrand Reputation Impact: Significant (allegations of negligence)Legal Liabilities: Class-action lawsuit and proposed settlementIdentity Theft Risk: High (fraudulent benefit applications)
DATA BREACH
Personal informationFinancial informationSensitivity Of Data: High (personally identifiable and financial information)Personally Identifiable Information: Yes
AUGUST 2018
802Before Incident
Data Leak
01 Aug 2018GC
Government of Canada

Canadian Government Data Exposure via Trello

753After Incident
HIGH-49
GOV12181122
The governments of Canada was exposed to the entire internet details of software bugs and security plans, as well as passwords for servers, official internet domains, conference calls, and an event-planning system by misconfiguring pages on Trello, a project management website. 25 Canadian government trello boards had sensitive information, such as remote file access, or FTP, credentials, and login details for the Eventbrite event-planning platform. The government of Canada said, Departments and agencies of the Government of Canada must apply adequate security controls to protect their users, information, and assets. Employees are being reminded of their obligation never to communicate or store sensitive information on Trello boards or any other unauthorized digital tool or service.
INCIDENT DETAILS -
TYPE
Data Exposure
IMPACT
software bugssecurity plansserver passwordsofficial internet domainsconference callsevent-planning system detailsTrello boards
DATA BREACH
software bugssecurity plansserver passwordsofficial internet domainsconference callsevent-planning system detailsSensitivity Of Data: High
JUNE 2015
812Before Incident
Cyber Attack
01 Jun 2015GC
Government of Canada

Cyberattack on Canadian Government Websites

792After Incident
CRITICAL-20
GOV192330422
Several Canadian government websites and servers were targeted in a cyberattack by the hacking group Anonymous. The attack affected several websites for government services, including canada.ca, as well as the site of Canada’s spy agency, the Canadian Security Intelligence Service (CSIS). The attack was aimed to show their retaliation for a new anti-terrorism law passed by Canada’s politicians.
INCIDENT DETAILS -
TYPE
Cyberattack
MOTIVATION
Retaliation for a new anti-terrorism law
IMPACT
canada.caCSIS website

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for GC ?
?
What was GC's A.I Rankiteo Cyber Score in June 2026 ?
?
What was GC's A.I Rankiteo Cyber Score in May 2026 ?
?
What was GC's A.I Rankiteo Cyber Score in April 2026 ?
?
What was GC's A.I Rankiteo Cyber Score in March 2026 ?
?
What was GC's A.I Rankiteo Cyber Score in February 2026 ?
?
What was GC's A.I Rankiteo Cyber Score in January 2026 ?
?
What was GC's A.I Rankiteo Cyber Score in December 2025 ?
?
What was GC's A.I Rankiteo Cyber Score in November 2025 ?
?
What was GC's A.I Rankiteo Cyber Score in October 2025 ?
?
What was GC's A.I Rankiteo Cyber Score in September 2025 ?
?
What was GC's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on GC's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with GC ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view GC's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?