All the latest UK technology news, reviews and analysis

Heartbleed hacker arrested in Canada after Mounties swoop

17 Apr 2014

A 19-year-old man from Canada has been arrested for his alleged use of the Heartbleed OpenSSL flaw to steal information on 900 citizens from the Canada Revenue Agency (CRA).

The Royal Canadian Mounted Police (RCMP) said that its National Division Integrated Technological Crime Unit (ITCU) arrested Stephen Arthuro Solis-Reyes at his home in London, Ontario, after tracing him as the source of the data theft. Police seized computer equipment and Solis-Reyes will appear in court in Ottawa on 17 July.

Assistant commissioner Gilles Michaud said the arrest demonstrated the importance with which the RCMP had attacked after the incident came to light. “The RCMP treated this breach of security as a high-priority case and mobilised the necessary resources to resolve the matter as quickly as possible,” he said.

“Investigators from National Division, along with our counterparts in 'O' Division have been working tirelessly over the last four days analysing data, following leads, conducting interviews, obtaining and executing legal authorisations and liaising with our partners."

The incident is the latest ramification from the discovery of the Heartbleed SSL bug. It was uncovered last week when security researchers revealed that an update to the open-source software in late 2011 left it open to attack.

Since then major firms have been rushing to upgrade their systems to avoid being caught out. Incidents such as that hitting the CRA and community website Mumsnet have demonstrated how quickly hackers react to exploitable threats.

The founders of the OpenSSL software have hit back at the tech community for not doing enough to help maintain the tool, claiming that they are unwilling to provide financial support, despite using the software across their services.

Watch our video below for all you need to know about Heartbleed and how to protect against the flaw.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Dan Worth

Dan Worth is the news editor for V3 having first joined the site as a reporter in November 2009. He specialises in a raft of areas including fixed and mobile telecoms, data protection, social media and government IT. Before joining V3 Dan covered communications technology, data handling and resilience in the emergency services sector on the BAPCO Journal

View Dan's Google+ profile

More on Web
What do you think?
blog comments powered by Disqus
Related jobs

Microsoft Azure outage

Is cloud computing reliable enough for business yet?

Popular Threads

Powered by Disqus
Symantec security strategist Sean John

Symantec security strategist calls on UK to address technology sector's gender gap

Sian John wants educational reforms to help sell IT security as a career to young women

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Project Manager (Digital) ? 3 month contract (flexible working) ? Scotland

Project Manager (Digital) ? 3 month contract (flexible...

Infrastructure Engineer - PCI DSS - Basingstoke - 3 Months

Austin Fraser are searching for a Infrastructure Engineer...

Batch Developer

Here at Yodel we're the UK's leading independent parcel...

IT Project Manager

IT Project Manager £28, 695 - £37, 394 About University...
To send to more than one email address, simply separate each address with a comma.