Several Hundred Social Insurance Numbers Stolen from Canada Revenue Agency via Heartbleed Bug

Posted by Techvibes NewsDesk

Personal data was stolen from the computers of the Canada Revenue Agency.

The CRA confirmed that nearly 1,000 social insurance numbers were compromised during a six-hour window of vulnerability caused by the Heartbleed Bug, despite the agency shutting down its public online services.

“Regrettably, the CRA has been notified by the Government of Canada’s lead security agencies of a malicious breach of taxpayer data that occurred over a six-hour period,” the CRA said in a statement this morning. “Based on our analysis to date, Social Insurance Numbers of approximately 900 taxpayers were removed from CRA systems by someone exploiting the Heartbleed vulnerability. We are currently going through the painstaking process of analyzing other fragments of data, some that may relate to businesses, that were also removed.”

“The agency will not be calling or emailing individuals to inform them that they have been impacted—we want to ensure that our communications are secure and cannot be exploited by fraudsters through phishing schemes,” the fiscal department added.

Instead the CRA will be notifying via snail mail.

Related Articles


blog comments powered by Disqus

Techvibes NewsDesk

Techvibes NewsDesk

Techvibes is Canada's leading technology media property.Founded in 2002, Techvibes covers technology and business news that impacts Canadians. We combine breaking local news with international coverage to deliver a unique balance of insight and information. The Techvibes Newsdesk covers a broad beat and publishes general news stories. If you have a story you would like covered, email... more



Who's Hiring



Recent Comments

Powered by Disqus