Canada Journal – News of the World Articles and videos to bring you the biggest Canadian news stories from across the country every day
Canadian police have arrested a 19-year-old man and charged him in connection with exploiting the “Heartbleed” bug to steal taxpayer data from a government website, the Royal Canadian Mounted Police (RCMP) said.
In what appeared to be the first report of an attack using a flaw in software known as OpenSSL, the Canada Revenue Agency (CRA) said this week that about 900 social insurance numbers and possibly other data had been compromised as a result of an attack on its site.
“The RCMP treated this breach of security as a high priority case and mobilized the necessary resources to resolve the matter as quickly as possible,” said an official.
The incident was one of the most high-profile security breaches related to Heartbleed, a two-year old flaw related to the software that many companies and governments use to encrypt their website data. Security professionals reported the flaw two weeks and provided a patch, but it remains unclear how many people knew about or exploited the bug.
In the case of the Canadian tax agency, the man grabbed 900 Social Insurance Numbers, a form of tax ID that is akin to the Social Security Numbers used by Americans.
The RCMP statement says the investigation is still on-going and that Solis-Reyes is to appear in court in Ottawa in July.
Agencies/Canadajournal
