[kwlug-disc] Heartbleed affected sites

Khalid Baheyeldin kb at 2bits.com
Tue Apr 15 09:20:27 EDT 2014


Oh, and here is a bit of info to ruin your day before your first coffee

http://www.cra-arc.gc.ca/gncy/sttmnt2-eng.html

"Regrettably, the CRA has been notified by the Government of Canada's lead
security agencies of a malicious breach of taxpayer data that occurred over
a six-hour period. Based on our analysis to date, Social Insurance Numbers
(SIN) of approximately 900 taxpayers were removed from CRA systems by
someone exploiting the Heartbleed vulnerability. We are currently going
through the painstaking process of analyzing other fragments of data, some
that may relate to businesses, that were also removed."

Is it simply that CSIS et al are they monitoring the forums that sell the
stolen info?

Or more ominously, are they monitoring the wire of all traffic to/from CRA?
-- 
Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. --  Edsger W.Dijkstra
Simplicity is the ultimate sophistication. --   Leonardo da Vinci
For every complex problem, there is an answer that is clear, simple, and
wrong." -- H.L. Mencken
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140415/60324f20/attachment.htm>


More information about the kwlug-disc mailing list