London Man Charged After CRA Security Breach

Image by rejon via OpenClipArt

The RCMP say a 19-year-old London man has been charged in connection with a breach of the Canadian Revenue Agency’s website.

Police say Stephen Arthuro Solis-Reyes, a computer science student at Western University, was arrested on Tuesday without incident.  He is accused of using the Heartbleed bug, that has weakened internet security over recent weeks, to hack into the CRA website. The RCMP alleges the 19-year-old accessed private information in a “malicious breach of taxpayer data”.  He is charged with one count of mischief in relation to data and another count of unauthorized use of a computer.

During a search of his London home, police seized computer equipment as evidence. London police assisted the RCMP in the investigation.

The RCMP launched an investigation after it was revealed that the Heartbleed Bug was used to steal over 900 SIN numbers from the CRA website. The police investigation is ongoing. They are searching for additional suspects.

“The RCMP treated this breach of security as a high priority case and mobilized the necessary resources to resolve the matter as quickly as possible,” says Assistant Commissioner Gilles Michaud. “Investigators from National Division, along with our counterparts in “O” Division have been working tirelessly over the last four days analyzing data, following leads, conducting interviews, obtaining and executing legal authorizations and liaising with our partners.”

Solis-Reyes will appear in an Ottawa court on July 17.