Canadian charged in 'Heartbleed' attack on tax agency
Published on Apr 17, 2014 3:48 AM
OTTAWA (REUTERS) - Canadian police have arrested a 19-year-old man and charged him in connection with exploiting the "Heartbleed" bug to steal taxpayer data from a government website, the Royal Canadian Mounted Police (RCMP) said on Wednesday.
In what appeared to be the first report of an attack using a flaw in software known as OpenSSL, the Canada Revenue Agency (CRA) said this week that about 900 social insurance numbers and possibly other data had been compromised as a result of an attack on its site.
The suspect, Stephen Solis-Reyes, was arrested at his home in London, Ontario on Wednesday and faces criminal charges of unauthorised use of computer and mischief in relation to data. "It is believed that Solis-Reyes was able to extract private information held by CRA by exploiting the vulnerability known as the Heartbleed bug," the RCMP said in a statement.
Police seized Solis-Reyes computer equipment and scheduled his court appearance for July 17, 2014.
To continue reading, log in if you are a subscriber
If you are not a subscriber, you can get instant, unlimited access here