Canadian police nab young man in Heartbleed data theft
April 18, 2014, 12:31 am TWN
OTTAWA, Canada--Federal police said Wednesday they have arrested and charged a 19-year-old man in the theft of 900 Canadian taxpayers' data, which was made vulnerable by the "Heartbleed" bug.
The Royal Canadian Mounted Police (RCMP) said Stephen Arthuro Solis-Reyes was arrested at his London, Ontario home on Tuesday without incident.
He is scheduled to appear in court on Thursday to face charges of unauthorized use of a computer to steal data from the Canada Revenue Agency (CRA)'s website.
"It is believed that Solis-Reyes was able to extract private information held by the CRA by exploiting the security vulnerability known as the Heartbleed Bug," the RCMP said in a statement.
The suspect was tracked down within four days after what CRA Assistant Commissioner Gilles Michaud had described as a serious security breach.
Police said computer equipment was seized at the suspect's home, and that the investigation is still ongoing.
The Canada Revenue Agency said 900 social insurance numbers — personal nine-digit codes required for working or accessing government benefits in Canada — had been stolen last week by "someone exploiting the Heartbleed vulnerability."