Skip to main content

The first Heartbleed hacker has been arrested

The first Heartbleed hacker has been arrested

Share this story

Canadian officials say they've tracked down the man responsible for the last week's Heartbleed-assisted breach at the Canadian Revenue Agency, which compromised the personal data of more than 900 citizens. According to The Calgary Herald, 19-year-old Stephen Arthuro Solis-Reyes from London, Ontario has been officially charged with the attack after five days of investigation. The official charges are "unauthorized use of a computer" and "mischief in relation to data."

The attack took place on Friday, after the Heartbleed bug was made public, but before the CRA was able to patch their servers to protect against it. As a result, attackers were able to pull random snippets of data from the server's working memory, which in the CRA's case, included sensitive financial information. The service shut down as a result, although the details of the breach were not made public until earlier this week. The government says it is still in the process of notifying all the Canadian citizens affected by the breach.