facebook
twitter
rss
account
search
search
 

Canadian Police make first Heartbleed-related arrest

The Canada Revenue Agency said that more than 900 social insurance numbers, similar to U.S. Social Security numbers, had been stolen.
By Ananth Baliga   |   April 16, 2014 at 5:17 PM   |   Comments

http://cdnph.upi.com/sv/em/i/UPI-6341397681125/2014/1/13974941454435/Canadian-Police-make-first-Heartbleed-related-arrest.jpg
LONDON, Ontario, April 16 (UPI) -- Canadian police said Wednesday a 19-year-old student was charged with stealing confidential taxpayer data using the Internet security flaw called Heartbleed Bug.

The Royal Canadian Mounted Police said they had arrested Stephen Arthuro Solis-Reyes Tuesday for stealing taxpayer data from the Canadian Revenue Agency's website last Friday. Solis-Reyes was arrested from his home in London, Ontario, and his computer equipment was seized as well.

"It is believed that Solis-Reyes was able to extract private information held by CRA by exploiting the vulnerability known as the Heartbleed bug," the RCMP said in a statement.

Solis-Reyes, who is a computer science major at Western University, is facing two charges under the Canadian Criminal Code and is scheduled to appear in court on July 17, according to the RCMP.

Canada's tax authority made public two days ago that someone had acted with malicious intent and accessed 900 social insurance numbers -- similar to U.S. Social Security numbers -- from its systems. While the tax agency knew about the breach Friday, the RCMP asked the agency to withhold disclosing the breach till Monday.

"Regrettably, the CRA has been notified by the government of Canada's lead security agencies of a malicious breach of taxpayer data that occurred over a six-hour period last week," the agency said on a message posted to its homepage on Monday.

The Heartbleed bug was first made public a week ago by Google and Finnish security firm Codenomicon, who identified the flaw independently. The flaw gave hackers access to 64 KB of unencrypted data as encrypted data travelled across the network.

Security experts warn that more attacks could be revealed soon, as governments and private firms determine whether they lost data to the vulnerability.

[MarketWatch]
[BBC]
[RCMP]

Follow @antbaliga and @UPI on Twitter.
Contact the Author
Topics: Google
© 2014 United Press International, Inc. All Rights Reserved. Any reproduction, republication, redistribution and/or modification of any UPI content is expressly prohibited without UPI's prior written consent.
Most Popular
1
Gazprom: Hungary ready for South Stream Gazprom: Hungary ready for South Stream
2
Poland, Pakistan, Lebanon seek U.S. military hardware Poland, Pakistan, Lebanon seek U.S. military hardware
3
Thales receives low-rate production contract for new assault rifle Thales receives low-rate production contract for new assault rifle
4
Report: Billionaires are hoarding mountains of cash
5
Canada decides to retire two guided missile destroyers Canada decides to retire two guided missile destroyers
Trending News
Video
x
Feedback