Stephen Arthuro Solis-Reyes (pictured) of London, Ontario faces one count of Unauthorized Use of Computer and one count of Mischief in Relation to Data.
On Monday, CRA Commissioner Andrew Treusch announced that over the course of six hours, the Social Insurance Numbers of about 900 taxpayers were removed from CRA systems. The hack occurred only a day after CRA services were fully restored, followinglast week’s temporary shutdowndue to the Heartbleed bug.
”The RCMP treated this breach of security as a high priority case and mobilized the necessary resources to resolve the matter as quickly as possible,” Assistant Commissioner Gilles Michaud said in astatement.
A search of the suspect’s home led to the seizure of computer equipment. Police provided no further details about the ongoing investigation.
Solis-Reyes is scheduled to appear in court in Ottawa on July 17.
Uncoveredearly last weekby a team of researchers from Google Security and Codenomicon, the Heartbleed weakness has been roaming the Internetfor two years, leaving the door to encrypted data and personal information wide open to scammers.
Now, Web-based organizations are scrambling to patch their systems before they become the next Canada Revenue Agency.
Those 900 residents whose data was compromised can expect a registered letter informing them that they’ve been impacted; for added security, the agency will not be making phone calls or sending emails.
It will, however, provide the affected users with free access to credit protection services and will apply additional protections to their CRA accounts to prevent future unauthorized activity.