Featured Articles

LG G Watch R ships in two weeks

LG G Watch R ships in two weeks

The LG G Watch R, the first Android Wear watch with a truly round face, is coming soon and judging by…

More...
LG unveils NUCLUN big.LITTLE SoC

LG unveils NUCLUN big.LITTLE SoC

LG has officially announced its first smartphone SoC, the NUCLUN, formerly known as the Odin.

More...
Microsoft moves 2.4 million Xbox Ones

Microsoft moves 2.4 million Xbox Ones

Microsoft has announced that it move 2.4 million consoles in fiscal year 2015 Q1. The announcement came with the latest financial…

More...
Gainward GTX 970 Phantom previewed

Gainward GTX 970 Phantom previewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
EVGA GTX 970 SC ACX 2.0 reviewed

EVGA GTX 970 SC ACX 2.0 reviewed

Nvidia has released two new graphics cards based on its latest Maxwell GPU architecture. The Geforce GTX 970 and Geforce GTX…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Tuesday, 15 April 2014 12:00

Heartbleed flaw behind tax hack

Written by Nick Farrell



First of its kind

Canada's tax-collection agency has been identified as a victim of the Heartbleed attack and the private information of about 900 people had been compromised. The breach allowed hackers to extract social insurance numbers, which are used for employment and gaining access to government benefits, and possibly some other data, the Canada Revenue Agency said.

It is the first confirmed report of hackers exploiting a flaw in OpenSSL to obtain actual data. A British parenting website Mumsnet, which claims more than 60 million monthly page views, said it had required all users to reset their passwords after a Heartbleed-related breach. It did not say whether any information had been taken. It is expected that there will be more attacks this week.

The Canada Revenue Agency said that police are investigating the attack, which occurred over a six-hour period. Forensic experts try to ascertain whether other data had been taken, a task that will be complicated because security experts say they believe that the Heartbleed bug allows attackers to steal data without leaving a trace.

The agency shut down access to its online services because of the bug.

Canadian authorities said that all government websites, including that of the Canada Revenue Agency, were back up as of Monday, with an updated and tested version of the OpenSSL software.

Nick Farrell

E-mail: This e-mail address is being protected from spambots. You need JavaScript enabled to view it
blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments