Canada police nab young man in Heartbleed data theft
A Royal Canadian Mounted Police (RCMP) officer checks a security perimeter in front of the Parliament building in Ottawa, Ontario, Canada on February 19, 2009
Federal police said Wednesday they have arrested and charged a 19-year-old man in the theft of 900 Canadian taxpayers' data, which was made vulnerable by the "Heartbleed" bug.
The Royal Canadian Mounted Police (RCMP) said Stephen Arthuro Solis-Reyes was arrested at his London, Ontario home on Tuesday without incident.
He is scheduled to appear in court on Thursday to face charges of mischief and unauthorized use of a computer to steal data from the Canada Revenue Agency (CRA)'s website.
"It is believed that Solis-Reyes was able to extract private information held by the CRA by exploiting the security vulnerability known as the Heartbleed Bug," the RCMP said in a statement.
The suspect was tracked down within four days after what CRA Assistant Commissioner Gilles Michaud had described as a serious security breach.
Police said computer equipment was seized at the suspect's home, and that the investigation is still ongoing.
The Canada Revenue Agency said 900 social insurance numbers—personal nine-digit codes required for working or accessing government benefits in Canada—had been stolen last week by "someone exploiting the Heartbleed vulnerability."
Its website was shuttered for several days over concerns about the Heartbleed bug.
It was rebooted over the weekend after a patch was installed.
The recently-discovered flaw in online-data scrambling software OpenSSL allows hackers to eavesdrop on online communications, steal data, impersonate websites and unlock encrypted data.
OpenSSL is commonly used to protect passwords, credit card numbers and other data sent via the Internet.
More than half of websites use the software, but not all versions have the same vulnerability, according to heartbleed.com.
Cybersecurity firm Fox-It estimates that the vulnerability has existed for about two years, since the version of OpenSSL at issue was released.
Explore further:Canadians' tax data stolen in Heartbleed breach
© 2014 AFP
More from Physics Forums - General Physics
Related Stories
Canadians' tax data stolen in Heartbleed breach
Apr 14, 2014
Personal data for as many as 900 Canadian taxpayers was stolen after being made vulnerable by the "Heartbleed" bug, officials in Ottawa said on Monday.
Heartbleed bug shutters more Canadian gov't websites
Apr 11, 2014
Canada's government on Friday ordered all federal department websites vulnerable to the "Heartbleed" bug to be shut down.
Canada shutters tax filing website over 'Heartbleed' bug
Apr 09, 2014
Canada's tax agency shuttered its website Wednesday after warning that encrypted taxpayer data could be vulnerable to the "Heartbleed" bug.
'Heartbleed' hits 1.5 million users of UK parenting website
Apr 14, 2014
British parenting website Mumsnet is the latest organisation to have been hacked due to the "Heartbleed" bug, founder Justine Roberts revealed on Monday.
'Heartbleed' bug a critical Internet illness
Apr 11, 2014
The "Heartbleed" flaw in Internet security is as critical as the name implies and wider spread than first believed. Warnings about the danger exposed early this week reached widening circles on Thursday, with everyone from website o ...
NSA denies exploiting 'Heartbleed' vulnerability
Apr 11, 2014
The US National Security Agency on Friday denied a report claiming it was aware of and even exploited the "Heartbleed" online security flaw to gather critical intelligence.
Recommended for you
'Heartbleed' fix may slow Web performance
23 hours ago
The heartache from the Heartbleed Internet flaw is not over, and some experts say the fix may lead to online disruption and confusion.
Cybersecurity researchers roll out a new Heartbleed solution
Apr 15, 2014
(Phys.org) —As companies scrambled in recent days to address the latest cybersecurity bug known as Heartbleed, researchers at The University of Texas at Dallas had a solution that fixes the vulnerability, ...
18% of US Internet users had data stolen, survey finds
Apr 14, 2014
Some 18 percent of US Internet users have had important personal data such as bank account information stolen and the problem appears to be getting worse, a survey showed Monday.
Many home computer users "too lazy" to protect online security
Apr 14, 2014
Nicole Braun, who will be graduating in May with a PhD in Information Systems, set out to understand why many home users do not adequately protect themselves online, despite extensive media coverage about the risks.
German space research centre under espionage attack
Apr 13, 2014
Germany's aeronautics and space research centre has for months been the target of a suspected cyber attack by a foreign intelligence service, a German news weekly reported Sunday.
NSC backs disclosing software vulnerabilities
Apr 13, 2014
Disclosing vulnerabilities in commercial and open source software is in the national interest and shouldn't be withheld from the public unless there is a clear national security or law enforcement need, President Barack Obama's ...
User comments : 0
More news stories
Microsoft CEO is driving data-culture mindset
(Phys.org) —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...
Review: Forward to the past with Windows update
Even as Microsoft prepares for a future dominated by touch-screen devices, it is steering its Windows system to embrace more of the past.
Quantenna promises 10-gigabit Wi-Fi by next year
(Phys.org) —Quantenna Communications has announced that it has plans for releasing a chipset that will be capable of delivering 10Gbps WiFi to/from routers, bridges and computers by sometime next year. ...
Patent talk: Google sharpens contact lens vision
(Phys.org) —A report from Patent Bolt brings us one step closer to what Google may have in mind in developing smart contact lenses. According to the discussion Google is interested in the concept of contact ...
Floating nuclear plants could ride out tsunamis
When an earthquake and tsunami struck the Fukushima Daiichi nuclear plant complex in 2011, neither the quake nor the inundation caused the ensuing contamination. Rather, it was the aftereffects—specifically, ...
Computers beat brainpower when it comes to counting stars
A team of University of Sydney astronomers has developed a new way to automatically classify huge numbers of astronomical objects, and to discover new, exotic ones almost as soon as they happen.
Information storage for the next generation of plastic computers
Inexpensive computers, cell phones and other systems that substitute flexible plastic for silicon chips may be one step closer to reality, thanks to research published on April 16 in the journal Nature Communications.
Red moon at night; stargazer's delight
Monday night's lunar eclipse proved just as delightful as expected to those able to view it. On the East Coast, cloudy skies may have gotten in the way, but at the National Science Foundation's National Optical ...
Two new species of yellow-shouldered bats endemic to the Neotropics
Lying forgotten in museum collections two new species of yellow-shouldered bats have been unearthed by scientists at the American Museum of New York and The Field Museum of Natural History and described in ...
Obesity can amplify bone and muscle loss, researchers say
Florida State University researchers have identified a new syndrome called "osteosarcopenic obesity" that links the deterioration of bone density and muscle mass with obesity.
Javascript is currently disabled in your web browser. For full site functionality, it is necessary to enable Javascript. In order to enable it, please see these instructions.© Phys.org™ 2003-2013, Science X network
A Royal Canadian Mounted Police (RCMP) officer checks a security perimeter in front of the Parliament building in Ottawa, Ontario, Canada on February 19, 2009
Federal police said Wednesday they have arrested and charged a 19-year-old man in the theft of 900 Canadian taxpayers' data, which was made vulnerable by the "Heartbleed" bug.
The Royal Canadian Mounted Police (RCMP) said Stephen Arthuro Solis-Reyes was arrested at his London, Ontario home on Tuesday without incident.
He is scheduled to appear in court on Thursday to face charges of mischief and unauthorized use of a computer to steal data from the Canada Revenue Agency (CRA)'s website.
"It is believed that Solis-Reyes was able to extract private information held by the CRA by exploiting the security vulnerability known as the Heartbleed Bug," the RCMP said in a statement.
The suspect was tracked down within four days after what CRA Assistant Commissioner Gilles Michaud had described as a serious security breach.
Police said computer equipment was seized at the suspect's home, and that the investigation is still ongoing.
The Canada Revenue Agency said 900 social insurance numbers—personal nine-digit codes required for working or accessing government benefits in Canada—had been stolen last week by "someone exploiting the Heartbleed vulnerability."
Its website was shuttered for several days over concerns about the Heartbleed bug.
It was rebooted over the weekend after a patch was installed.
The recently-discovered flaw in online-data scrambling software OpenSSL allows hackers to eavesdrop on online communications, steal data, impersonate websites and unlock encrypted data.
OpenSSL is commonly used to protect passwords, credit card numbers and other data sent via the Internet.
More than half of websites use the software, but not all versions have the same vulnerability, according to heartbleed.com.
Cybersecurity firm Fox-It estimates that the vulnerability has existed for about two years, since the version of OpenSSL at issue was released.
Explore further:Canadians' tax data stolen in Heartbleed breach
© 2014 AFP
More from Physics Forums - General Physics
Related Stories
Canadians' tax data stolen in Heartbleed breach
Apr 14, 2014
Personal data for as many as 900 Canadian taxpayers was stolen after being made vulnerable by the "Heartbleed" bug, officials in Ottawa said on Monday.
Heartbleed bug shutters more Canadian gov't websites
Apr 11, 2014
Canada's government on Friday ordered all federal department websites vulnerable to the "Heartbleed" bug to be shut down.
Canada shutters tax filing website over 'Heartbleed' bug
Apr 09, 2014
Canada's tax agency shuttered its website Wednesday after warning that encrypted taxpayer data could be vulnerable to the "Heartbleed" bug.
'Heartbleed' hits 1.5 million users of UK parenting website
Apr 14, 2014
British parenting website Mumsnet is the latest organisation to have been hacked due to the "Heartbleed" bug, founder Justine Roberts revealed on Monday.
'Heartbleed' bug a critical Internet illness
Apr 11, 2014
The "Heartbleed" flaw in Internet security is as critical as the name implies and wider spread than first believed. Warnings about the danger exposed early this week reached widening circles on Thursday, with everyone from website o ...
NSA denies exploiting 'Heartbleed' vulnerability
Apr 11, 2014
The US National Security Agency on Friday denied a report claiming it was aware of and even exploited the "Heartbleed" online security flaw to gather critical intelligence.
Recommended for you
'Heartbleed' fix may slow Web performance
23 hours ago
The heartache from the Heartbleed Internet flaw is not over, and some experts say the fix may lead to online disruption and confusion.
Cybersecurity researchers roll out a new Heartbleed solution
Apr 15, 2014
(Phys.org) —As companies scrambled in recent days to address the latest cybersecurity bug known as Heartbleed, researchers at The University of Texas at Dallas had a solution that fixes the vulnerability, ...
18% of US Internet users had data stolen, survey finds
Apr 14, 2014
Some 18 percent of US Internet users have had important personal data such as bank account information stolen and the problem appears to be getting worse, a survey showed Monday.
Many home computer users "too lazy" to protect online security
Apr 14, 2014
Nicole Braun, who will be graduating in May with a PhD in Information Systems, set out to understand why many home users do not adequately protect themselves online, despite extensive media coverage about the risks.
German space research centre under espionage attack
Apr 13, 2014
Germany's aeronautics and space research centre has for months been the target of a suspected cyber attack by a foreign intelligence service, a German news weekly reported Sunday.
NSC backs disclosing software vulnerabilities
Apr 13, 2014
Disclosing vulnerabilities in commercial and open source software is in the national interest and shouldn't be withheld from the public unless there is a clear national security or law enforcement need, President Barack Obama's ...
User comments : 0
More news stories
Microsoft CEO is driving data-culture mindset
(Phys.org) —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...
Review: Forward to the past with Windows update
Even as Microsoft prepares for a future dominated by touch-screen devices, it is steering its Windows system to embrace more of the past.
Quantenna promises 10-gigabit Wi-Fi by next year
(Phys.org) —Quantenna Communications has announced that it has plans for releasing a chipset that will be capable of delivering 10Gbps WiFi to/from routers, bridges and computers by sometime next year. ...
Patent talk: Google sharpens contact lens vision
(Phys.org) —A report from Patent Bolt brings us one step closer to what Google may have in mind in developing smart contact lenses. According to the discussion Google is interested in the concept of contact ...
Floating nuclear plants could ride out tsunamis
When an earthquake and tsunami struck the Fukushima Daiichi nuclear plant complex in 2011, neither the quake nor the inundation caused the ensuing contamination. Rather, it was the aftereffects—specifically, ...
Computers beat brainpower when it comes to counting stars
A team of University of Sydney astronomers has developed a new way to automatically classify huge numbers of astronomical objects, and to discover new, exotic ones almost as soon as they happen.
Information storage for the next generation of plastic computers
Inexpensive computers, cell phones and other systems that substitute flexible plastic for silicon chips may be one step closer to reality, thanks to research published on April 16 in the journal Nature Communications.
Red moon at night; stargazer's delight
Monday night's lunar eclipse proved just as delightful as expected to those able to view it. On the East Coast, cloudy skies may have gotten in the way, but at the National Science Foundation's National Optical ...
Two new species of yellow-shouldered bats endemic to the Neotropics
Lying forgotten in museum collections two new species of yellow-shouldered bats have been unearthed by scientists at the American Museum of New York and The Field Museum of Natural History and described in ...
Obesity can amplify bone and muscle loss, researchers say
Florida State University researchers have identified a new syndrome called "osteosarcopenic obesity" that links the deterioration of bone density and muscle mass with obesity.
Javascript is currently disabled in your web browser. For full site functionality, it is necessary to enable Javascript. In order to enable it, please see these instructions.© Phys.org™ 2003-2013, Science X network