The federal tax agency reports that the social insurance numbers of approximately 900 individuals were stolen from the Canada Revenue Agency computer system, which was compromised due to the Heartbleed bug.
According to the CRA, online services were blocked for five days until the security risk could be addressed properly. While there would typically be interest or penalties for taxpayers filing their tax returns after April 30th, the CRA will not apply interest or penalties for taxpayers filing their 2013 tax returns until May 5th due to the disruption of online services.
CRA commissioner Andrew Treusch says all individuals impacted by the breach will receive a letter to notify them. If you receive an email or phone call from the ‘CRA,’ please do not reply or provide personal information. The CRA says all notifications will be done via letters to prevent phishing schemes.
“I share the concern and dismay of those individuals whose privacy has been impacted by this malicious act,” Andrew Treusch explained in a statement. “CRA online services are safe and secure. The CRA responded aggressively to successfully protect our systems. We have augmented our monitoring and surveillance measures, so that the security of the CRA site continues to meet the highest standards.”
About the Heartbleed Bug
Google and Codenomicon discovered the Heartbleed vulnerability in the OpenSSL software library. Heartbleed has the potential to expose private data because OpenSSL software is used to encrypt private communications on the Internet.
While Heartbleed was just recently discovered, it has been impacting websites for over two years. So how can you stay protected against the vulnerability? First, use an online tool to check your favorite websites. Also, change your passwords for all online services immediately.
To learn more about the Heartbleed bug, give us a call at (613) 828-1384 or send us an email at firstname.lastname@example.org. Fuelled Networks can help you stay up to date and protected against the latest security threats.