[kwlug-disc] Heartbleed affected sites

CrankyOldBugger crankyoldbugger at gmail.com
Tue Apr 15 09:35:55 EDT 2014

My money is on the NSA being the culprit at the CRA.

On 15 April 2014 09:20, Khalid Baheyeldin <kb at 2bits.com> wrote:

> Oh, and here is a bit of info to ruin your day before your first coffee
> http://www.cra-arc.gc.ca/gncy/sttmnt2-eng.html
> "Regrettably, the CRA has been notified by the Government of Canada's lead
> security agencies of a malicious breach of taxpayer data that occurred over
> a six-hour period. Based on our analysis to date, Social Insurance Numbers
> (SIN) of approximately 900 taxpayers were removed from CRA systems by
> someone exploiting the Heartbleed vulnerability. We are currently going
> through the painstaking process of analyzing other fragments of data, some
> that may relate to businesses, that were also removed."
> Is it simply that CSIS et al are they monitoring the forums that sell the
> stolen info?
> Or more ominously, are they monitoring the wire of all traffic to/from
> CRA?
> --
> Khalid M. Baheyeldin
> 2bits.com, Inc.
> Fast Reliable Drupal
> Drupal optimization, development, customization and consulting.
> Simplicity is prerequisite for reliability. --  Edsger W.Dijkstra
> Simplicity is the ultimate sophistication. --   Leonardo da Vinci
> For every complex problem, there is an answer that is clear, simple, and
> wrong." -- H.L. Mencken
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140415/fd937ec3/attachment.html>

More information about the kwlug-disc mailing list