Site icon IT World Canada

Ontario man charged with Revenue Canada breach

Security Encryption Graphic

Graphic via Shutterstock Shutterstock.com

A 19-year old London, Ont. man has been charged in connection with the taking of data from the Canada Revenue Agency Website.

The RCMP said that Stephen Arthuro Solis-Reyes was arrested at his residence Thursday after an investigation that began this week when the department realized that some 900 social insurance numbers had been taken from its database by exploiting the Heartbleed vulnerability.

The Globe and Mail reports he is the son of University of Western Ontario computer science professor Roberto Solis-Oba.

According to the London Free Press, he was part of a high school team that won a London-area Catholic school board computer programming competition two years ago.
RELATED ARTICLE: Ottawa orders sites vulnerable to Heartbleed shut

Solis-Reyes has been charged with one count of making an unauthorized use of computer and one count of mischief in relation to data under to Sections 342.1(1)(a) and 430(1.1) of the Criminal Code.

The RCMP said the investigation into the data breach is still ongoing.

“The RCMP treated this breach of security as a high priority case and mobilized the necessary resources to resolve the matter as quickly as possible,” RCMP assistant commissioner Gilles Michaud said in a release. “Investigators from National Division, along with our counterparts in “O” Division have been working tirelessly over the last four days analyzing data, following leads, conducting interviews, obtaining and executing legal authorizations and liaising with our partners.”

Solis-Reyes is scheduled to appear in court in Ottawa on July 17.

The Heartbleed vulnerability exploits a coding error in systems that use the open source OpenSLL libraries for encryption protection and leaves a portion of data in memory open. It was thought by most experts that copying data in memory is almost impossible to trace. The swift arrest suggests Ottawa has certain protections on very sensitive systems that allow it to track some network activity.

Exit mobile version