Communications Security Establishment Canada says it learned of the Heartbleed bug a full day before a federal government public warning went out and parts of the Canada Revenue Agency website were temporarily shut down.
The Canada Revenue Agency was asked by the RCMP not to publicize the theft of 900 social insurance numbers so the Mounties could investigate - a tactic they say led to a "viable" lead over the weekend. Meanwhile, the NDP is asking questions about the government's response to the security breach.
Researchers in Canada’s online security community say that the Heartbleed breach was evidence that government is often not as well equipped as private companies to detect and react quickly to online security threats.
Of all the ways to experience identity theft, the loss of a SIN is among the more serious, as that is a user's official thumbprint on government networks and the one that is most often used to authenticate people in the financial system, too.
As Canadians wait to find out if their social insurance number was among 900 stolen due to the Heartbleed bug, a new survey shows a big increase in U.S. internet users who have had personal data stolen online.