Heartbleed hurts British mums and Canadian taxpayers

The social insurance numbers for about 900 Canadian residents and private data from the UK popular parenting website have been compromised, in the first reports of breaches tied to the software defect.

Mumsnet said data had been accessed before it fixed the flaw.  

Canada Revenue Agency Commissioner Andrew Treusch said the government has evidence that crooks exploited the vulnerability while they were trying to fix it.

“Regrettably, the CRA has been notified by the government of Canada’s lead security agencies of a malicious breach of taxpayer data that occurred over a six-hour period,” he said.

The Canadian government learned of the intrusion on 4/11 but waited until 4/14 to announce the incident, according to the CBC. 

The agency was still investigating and some of the data could relate to businesses rather than individual taxpayers.

Justine Roberts, founder and chief executive of Mumsnet, said it was not clear what the attackers got to. It could have included usernames, emails, passwords, posting history, personal messages and a personal profile.

“Mumsnet is not an obvious target because it does not deal in financial or confidential information but, as people often use the same passwords for several sites, hackers may have wanted to get the information to use on other sites,” FT reports.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.