Heartbleed bug helps hackers steal data from Canada Revenue Agency


The Heartbleed bug cost the Canada Revenue Agency (CRA) 900 social insurance numbers, which were stolen by a hacker exploiting the OpenSSL flaw. The CRA shut its web services down for four days, beginning April 7, in order to patch the flaw, but an attacker managed to take advantage of the weakness in order to steal sensitive information in the six hours preceding that shutdown. Those who had their data stolen were informed via registered letters, and the RCMP arrested Stephen Arthuro Solis-Reyes, a 19-year-old London, Ontario man, in connection with the case. The son of a Western University computer science professor, Solis-Reyes is charged with unauthorized use of a computer and mischief in relation to data.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.