Heartbleed hack did government a favour, hackers say

A lock icon, signifying an encrypted Internet connection, is seen on an Internet Explorer browser....

A lock icon, signifying an encrypted Internet connection, is seen on an Internet Explorer browser. REUTERS/Mal Langsdon

Jennifer O'Brien, The London Free Press

, Last Updated: 8:30 PM ET

LONDON, Ont. — Hackers say whoever used the infamous Heartbleed bug to siphon social insurance numbers from Canada’s tax-collection agency did the federal government and Canadian taxpayers a favour.

This week the Mounties charged Stephen Arthuro Solis-Reyes, 19, a London, Ont., computer science student, with exploiting the software security flaw in an alleged attack on the Canada Revenue Agency’s website. The agency said the personal information of about 900 people was compromised.

The accused's lawyer, Faisal Joseph, says Canadians should be more concerned that anyone could even access information that’s supposed to be behind a virtual iron wall.

“The issue in this case isn’t the accused. The issue is — if the allegation is true — how could any teenager get access to this sensitive information,” Joseph said Friday. “The security measures people think are there are not there.”


Videos

Photos