In probably the most dramatic story of the year, the Royal Canadian Mounted Police arrested a 19-year-old man from London, Ont. who is believed to have used the Heartbleed computer bug to steal 900 social insurance numbers from the Canada Revenue Agency. This arrest only strengthened the Mounties’ reputation of always getting their man.
The RCMP’s National Division Integrated Technological Crime Unit (ITCU) said its operatives picked up Stephen Arthuro Solis-Reyes at his residence on April 15. He now faces one count of Unauthorized Use of Computer and one count of Mischief in Relation to Data.
“The RCMP treated this breach of security as a high priority case and mobilized the necessary resources to resolve the matter as quickly as possible. Investigators from National Division, along with counterparts in ‘O’ Division have been working tirelessly over the last four days analyzing data, following leads, conducting interviews, obtaining and executing legal authorization and liaising with our partners,” said Gilles Michaud, RCMP assistant commissioner.
Solis-Reyes is a second year computer science student at the University of Western Ontario (UWO) in London. His lawyer said Solis-Reyes surrendered peacefully to police.
The Heartbleed bug had a lasting impact on business. For example, The Canada Revenue Agency (CRA) shut down parts of its Web site citing safety and security concerns just as the deadline to file returns was fast approaching.
The CRA admitted the site shutdown is related to the Heartbleed bug, which enables attackers to steal encrypted information from email and Web sites.
The shutdown came just two weeks before the April 30 tax deadline. More than 6.7 million taxpayers had already filed their tax returns online by March 24. That number represented almost 84 per cent of expected tax returns. Before the shutdown, it was estimated that nearly 2,000 returns were filed per minute through the site.