CRA loses taxpayer data to Heartbleed bug

Tax agency says 900 social insurance numbers compromised in online privacy breach

The Canada Revenue Agency says the social insurance numbers of 900 taxpayers were stolen last week by someone using the Heartbleed encryption vulnerability before the taxation agency shut down public access to its online services.

It happened over a six-hour period by someone exploiting the vulnerability in many supposedly secure websites that used an open-source encryption system.

The CRA said it will send registered letters to affected taxpayers and will not be emailing them because it doesn’t want fraudsters to use phishing schemes to further exploit the privacy breach.

“I want to express regret to Canadians for this service interruption,” CRA commissioner Andrew Treusch said. “I share the concern and dismay of those individuals whose privacy has been impacted by this malicious act.”

Other personal data and possibly businesses’ information may also have been lost.

“We are currently going through the painstaking process of analyzing other fragments of data, some that may relate to businesses, that were also removed,” Treusch said.

Taxpayers whose data was compromised will get bolstered CRA account protection and free access to credit protection services.

Canada’s Privacy Commissioner is also investigating.

Online services, including the E-file and Netfile online income tax portals, were patched and re-launched Sunday after what the CRA called a vigourous test to ensure they are safe and secure.

The CRA cut off access to those services April 8 as word spread that the Heartbleed bug had given hackers access to passwords, credit card numbers and other information at many websites.

People whose income tax filing was delayed by last week’s CRA interruption have been given until May 5 – beyond the usual April 30 filing deadline – to file returns without being penalized.

The Heartbleed vulnerability, which has existed for two years, compromised secure web browsing at some sites despite the display of a closed padlock that indicates an encrypted connection.

Just Posted

City to provide free transit for refugee family

Salmon Arm council approves up to $1,200 in bus passes to end of 2018

Chance of showers may not be enough to rid Okanagan of smoke

Wind and chance of thunderstorms competing factors in this week’s forecast

Darke Lake residents under evacuation alert

Fire crews battling wildfire in rural community west of Summerland

Your Shuswap with Loren Bernardin

Find out what people in your community love about the Shuswap and Salmon Arm

25-year-old Edmonton man pronounced dead on Shuswap Lake houseboat

Sicamous RCMP deem death to be non suspicious, BC Coroners Service investigating

Filmmaker captures the smoke that enveloped the Shuswap

Check out this video of the haze that blanketed Salmon Arm

Former Trump aide Paul Manafort found guilty of eight charges

A mistrial has been declared for the other 10 charges against him

Canada’s team chasing elusive gold medal at women’s baseball World Cup

Canada, ranked No. 2 behind Japan, opens play Wednesday against No. 10 Hong Kong

Former B.C. detective gets 20 months in jail for kissing teen witnesses

James Fisher, formerly with Vancouver police department, pleaded guilty to three charges in June

Former B.C. premier Christy Clark criticizes feds for buying pipeline

The $4.5 billion purchase of Kinder Morgan’s Trans Mountain pipeline second worst decision, she said

Blaze near Olalla grows to 527 hectares

The Old Tom Creek fire that started Aug. 15 is burning near Keremeos

‘Takes more courage to fail’: B.C. ultra-marathon swimmer reflects on cancelled try at record

Susan Simmons halted her swim from Victoria to Port Angeles and back because of hypothermia

Animals moved from B.C. Interior shelters to make way for pets displaced by wildfires

The Maple Ridge SPCA houses animals to make space for pets evacuated from B.C.’s burning interior.

$21.5 million medical pot plant to be built in B.C.

The facility is to be built in Princeton

Most Read