Heartbleed bug helps hackers steal data from Canada Revenue Agency
The Heartbleed bug cost the Canada Revenue Agency (CRA) 900 social insurance numbers, which were stolen by a hacker exploiting the OpenSSL flaw. The CRA shut its web services down for four days, beginning April 7, in order to patch the flaw, but an attacker managed to take advantage of the weakness in order to steal sensitive information in the six hours preceding that shutdown. Those who had their data stolen were informed via registered letters, and the RCMP arrested Stephen Arthuro Solis-Reyes, a 19-year-old London, Ontario man, in connection with the case. The son of a Western University computer science professor, Solis-Reyes is charged with unauthorized use of a computer and mischief in relation to data.