Heartbleed Bug claims 900 Canadian taxpayers as its first victims

cupid the new heartbleed attack method that affects android devices bug

In the days following the discovery of the Heartbleed bug, the Internet has gone from sheer panic to anger over allegations that the NSA used the vulnerability for intelligence purposes. Then there was the denial phase, which Cloudflare instigated by saying that the bug does not allow access to the private SSL keys of websites. Now we’re about to circle back to fear with news that attackers exploited the vulnerability to remove the Social Insurance Numbers (SIN) of hundreds of taxpayers from the registry of the Canada Revenue Agency (CRA). The SIN is a nine-digit number that is required to work in the country and receive government benefits; it’s the Canadian version of U.S. Social Security Numbers.

According to a statement from CRA Commissioner Andrew Treusch, the agency shut down its online services on April 8. Its website went back online on April 13, after implementing a patch for the Heartbleed bug. 

“Regrettably, the CSA has been notified by the Government of Canada’s lead security agencies  of a malicious breach of taxpayer data that occurred over a six-hour period. Based on our analysis to data, Social Insurance Numbers of approximately 900 taxpayers were removed from CRA systems by exploiting the Heartbleed vulnerability,” Treusch said. 

Aside from the SINs of taxpayers, other fragments of data that relate to businesses were also removed. The Royal Canadian Mounted Police (RCMP) is currently investigating the matter. 

To make it up to affected taxpayers, the CRA will provide credit protection services for free. It will also send registered mail to inform them of the breach, in hopes of side-stepping phishing schemes. The letter will contain a 1-800 number to help people protect their SINs.

Home Theater

Kanopy privacy breach reveals which movies members have been streaming

Free video streaming site, Kanopy, has been inadvertently publishing millions of lines of web log data for days, according to a new security report. A bad actor could guess a person's identity and see what they've been watching.
Social Media

A Facebook, Instagram bug exposed millions of passwords to its employees

Facebook, Facebook Lite, and Instagram passwords weren't properly encrypted and could be viewed by employees, the company said Thursday. The network estimates millions of users were affected.
Computing

After fourth attack, hacker puts personal records of 26M people up for sale

A serial hacker going by the name of Gnosticplayers is selling the personal data of 26 million people who have been using the services of six different companies from across the world.
Social Media

Your Google+ public content will remain viewable on the web, if you want it to

Google's failed social network — Google+ — will soon be wiped from the internet, but there's a team of volunteers working right now to save its public content for the Internet Archive.
Mobile

The Moto G7 Power, with its massive battery, is now available for purchase

After a number of leaks and rumors, the Motorola Moto G7, Moto G7 Play, and Moto G7 Power are finally here. The devices represent quite a spec bump over the previous-generation Moto G6 phones, yet still come at a reasonable price.
Mobile

Got gadgets galore? Keep them charged up with the 10 best USB-C cables

We're glad to see that USB-C is quickly becoming the norm. That's why we've rounded up some of the better USB-C cables on the market, whether you're looking to charge or sync your smartphone. We've got USB-C to USB-C and USB-C to USB-A.
Wearables

The Tacs Nato-Lens is a watch for those who live life through a camera lens

Not all watches have to be round, or connect to your phone. The Tacs Nato-Lens is a stylish piece of wristwear with a design inspired by classic SLR cameras, making it a geeky timepiece for the camera and watch fan.
Computing

Get ready to say goodbye to some IFTTT support in Gmail by March 31

If This Then That, the popular automation service, will drop some of its support for Gmail by March 31. The decision comes as a response to security concerns and is aimed to protect user data.
Mobile

5G's arrival is transforming tech. Here's everything you need to know to keep up

It has been years in the making, but 5G is finally becoming a reality. While 5G coverage is still extremely limited, expect to see it expand in 2019. Not sure what 5G even is? Here's everything you need to know.
Mobile

This is the easiest way to save your iPhone data to your computer

Living in fear of losing your contacts, photos, messages, and notes on your iPhone? Fear no more -- in this guide, we'll break down exactly how to back up your iPhone to your computer using Apple's iTunes or to the cloud with iCloud.
Mobile

HMD Global admits Nokia 7 Plus handsets sent user data to China

Nokia could be in some hot water. According to recent reports, Nokia 7 models may be secretly sending data to China without the user knowing about it. Nokia says that the issue was a software bug and that it has been fixed.
Mobile

Here are the best iPad Pro keyboard cases to pick up with your new tablet

The iPad Pro range can double as laptops, but they do need proper keyboards to fill in effectively. Thankfully, there are loads to choose from and we rounded up the best iPad Pro keyboard cases right here.
Mobile

24 must-have apps for rooted Android phones and tablets

Rooting your Android device opens up a world of possibilities, along with a few apps. Here are 24 of our favorites, so you can make the most of your rooted device and unleash the true power of Android.
Mobile

Wring the most out of iOS with the best Siri commands

You may not know all the things you can say to Siri -- after all, Apple never released an official list of commands for its virtual assistant. Thankfully, we've compiled a list of the best Siri commands to help you out.