Menu

Topics

TV Programs

Connect

Local

your local region

National

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

Calendar

Calendar

Search

Quick Search

  •  
  •  
  •  
  •  
  •  
  •  

Trending Now

  •  
     
  •  
     
  •  
     
  •  
     
  •  
     
  •  
     

Add Global News to Home Screen

Instructions:

  1. Press the share icon on your browser
  2. Select Add to Home Screen
  3. Press Add

Comments

Want to discuss? Please read our Commenting Policy first.

Video link
Headline link
Advertisement
Canada

Police asked CRA to delay telling the public about stolen SINs

By Nicole Bogart Global News
Posted April 15, 2014 3:35 pm
2 min read
Police asked the Canada Revenue Agency to delay telling the public that 900 social insurance numbers had been stolen from its website. View image in full screen
Police asked the Canada Revenue Agency to delay telling the public that 900 social insurance numbers had been stolen from its website. The Canadian Press Images-Mario Beauregard
Share this item via WhatsApp

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

TORONTO – The RCMP asked the Canada Revenue Agency to delay telling the public that 900 social insurance numbers had been stolen from its website while it was compromised by the Heartbleed bug.

LIVE BLOG: Experts answer questions about the Heartbleed bug – Tuesday at 12 p.m. ET

According to a statement, the RCMP said it was notified of the security breach on Friday but asked the CRA to hold off on telling the public until Monday so it could pursue investigative leads.

“This deferral permitted us to advance our investigation over the weekend, identify possible offender(s) and has helped mitigate further risk,” read the statement issued Tuesday morning.

The email you need for the day's top news stories from Canada and around the world.

READ MORE: Heartbleed bug – What’s affected and what passwords you need to change

The CRA announced Monday that roughly 900 SINs had been stolen from the site over a period of six hours.

Story continues below advertisement

Each person affected will receive a registered letter to inform them of the breach and free access to credit protection services. A dedicated 1-800 number will also be available to those affected to provide further information, including what steps to take to protect the integrity of their SIN.

The agency has not confirmed whether it was just users’ SINs that were accessed or if any additional personal information was accessed.

Trending Now

READ MORE: SINs stolen from CRA website prompt identity theft concerns

More on Canada

The CRA shutdown its electronic filing services April 9, a day after the Heartbleed vulnerability was made public.

Kellman Meghu, head of security engineering at Checkpoint Software Technologies, said Tuesday that Canadian’s information may have been put at risk from the CRA’s delay in taking its services offline.

“I’m afraid [information] would have been at risk,” Kellman said during a live blog hosted by Global News on Tuesday.

“The CRA is dealing with many servers – it would take them time to validate all their systems, which means there was time for other people to discover it was open to Heartbleed as well.”

Some experts have also suggested that more information may be at risk – which could put those affected at risk of identity theft.

Advertisement
© 2014 Shaw Media

Sponsored content

AdChoices