Menu

Topics

TV Programs

Connect

Local

your local region

National

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

Calendar

Calendar

Search

Quick Search

  •  
  •  
  •  
  •  
  •  
  •  

Trending Now

  •  
     
  •  
     
  •  
     
  •  
     
  •  
     
  •  
     

Add Global News to Home Screen

Instructions:

  1. Press the share icon on your browser
  2. Select Add to Home Screen
  3. Press Add

Comments

Want to discuss? Please read our Commenting Policy first.

Video link
Headline link
Advertisement
Canada

Hacker charged in CRA Heartbleed breach ‘straight-A’ engineering student

By Nicole Bogart Global News
Posted April 16, 2014 2:12 pm
2 min read
Share this item via WhatsApp

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

TORONTO – Police have charged a 19-year-old man in relation to the security breach on the Canada Revenue Agency’s website, which resulted in roughly 900 social insurance numbers being stolen.

RCMP arrested Stephen Arthuro Solis-Reyes, of London, Ont., at his home on April 15. He faces one count of “Unauthorized Use of Computer” and one count of mischief. Police also seized of computer equipment during a search of Solis-Reyes’ home.

Solis-Reyes’ lawyer, Faisal Joseph of Lerners Law Firm, described the teen as a “straight-A” second year engineering student at Western University. He said Solis-Reyes’ father, a computer science professor at Western, was an “emotional wreck” over the charges.

The 19-year-old  is listed as a 1500 metre runner on multiple London, Ont. running websites.

Joseph confirmed to Global News that Solis-Reyes voluntarily turned himself into police and has since been released on conditions.

Story continues below advertisement

READ MORE: SINs stolen from CRA website prompt identity theft concerns

The email you need for the day's top news stories from Canada and around the world.

“The RCMP treated this breach of security as a high priority case and mobilized the necessary resources to resolve the matter as quickly as possible. Investigators from National Division, along with our counterparts in “O” Division have been working tirelessly over the last four days analyzing data, following leads, conducting interviews, obtaining and executing legal authorizations and liaising with our partners,” said assistant commissioner Giles Michaud in a written statement.

Yearbook photo of Stephen Solis-Reyes. View image in full screen
Yearbook photo of Stephen Solis-Reyes. File Photo

The CRA revealed Monday that roughly 900 social insurance numbers were stolen after the federal agency’s website was crippled by the Heartbleed bug. The agency has not yet said whether any other personal information was stolen.

Those affected by the security breach will be notified with a registered letter and will have free access to credit protection services.

Story continues below advertisement

READ MORE: Police asked CRA to delay telling the public about stolen SINs

The CRA shut down its electronic filing services April 9, a day after the Heartbleed vulnerability was made public.

Kellman Meghu, head of security engineering at Checkpoint Software Technologies, said Tuesday that Canadians’ information may have been put at risk from the CRA’s delay in taking its services offline.

“I’m afraid [information] would have been at risk,” Kellman said during a live blog hosted by Global News on Tuesday.

“The CRA is dealing with many servers – it would take them time to validate all their systems, which means there was time for other people to discover it was open to Heartbleed as well.”

Solis-Reyes is scheduled to appear in court in Ottawa on July 17.

Related News
© 2014 Shaw Media

Sponsored content

AdChoices