900 Social Insurance Numbers stolen due to Heartbleed,  breaches of private citizen data affecting over 725,000 of us; OpenMedia.ca available to comment

Canadians deserve answers from the government about what it’s doing to keep our private data secure, says community-based group working to protect the privacy of all Canadians

WHO
Steve Anderson, Executive Director, OpenMedia.ca
David Christopher, Communications Manager, OpenMedia.ca. (778-232-1858, [email protected])

WHAT

The Canada Revenue Agency has revealed that the Heartbleed bug has made over 900 Social Insurance Numbers in CRA databases vulnerable to cyber criminals, including those who wish to engage in identity theft.

Heartbleed is a bug in software called OpenSSL that is used to secure data for popular web services that Canadians use everyday. The bug means that cyber criminals could have access to our passwords and other sensitive information.

The theft of 900 Social Insurance Numbers CRA databases follows over 3000 recent instances of citizen data being lost by the government, affecting approximately 725,000 of us according to the Privacy Commissioner.

The government also has questions to answer about the role of its spy agency CSEC. Bloomberg News is reporting that the U.S. National Security Agency(NSA) has known about the Heartbleed vulnerability for over 2 years and has used it to collect passwords and other sensitive information of internet users. CSEC works very closely with the NSA, which has many Canadians concerned about whether the Canadian government has known about Heartbleed for some time.

QUOTE

OpenMedia.ca Executive Director Steve Anderson said: “We know CSEC works very closely with the NSA so the government certainly has questions to answer. Did CSEC know about this dangerous bug and fail to inform Canadians? Was Canadians’ private information put at risk because of CSEC? It’s an important question for them to answer because we already know from internal documents that the spy agency has deliberately weakened other encryptions in order to spy on people.”

Anderson continued: “This government is sadly bad on privacy issues. As data security becomes more and more important - the government is fundamentally mismanaging our sensitive information and our right to privacy. Instead of tackling the problem they’re making things worse by granting immunity to telecom companies that hand over our private information without a warrant.”

BACKGROUND

OpenMedia.ca led the successful StopSpying.ca campaign that forced the government to back down on its plans to introduce a costly, invasive, and warrantless online spying law (Bill C-30). Nearly 150,000 Canadians took part in the campaign. To learn more, see this infographic.

On October 10, 2013 OpenMedia.ca collaborated with over 40 major organizations and over a dozen academic experts to form the Protect Our Privacy Coalition, which is the largest pro-privacy coalition in Canadian history. The Coalition is calling for effective legal measures to protect the privacy of every resident of Canada against intrusion by government entities.

OpenMedia.ca has launched a national campaign encouraging Canadians to support a BCCLA legal action which aims to stop illegal spying by challenging the constitutionality of the government’s warrantless collection of data on Canadians’ everyday Internet use.

CONTACT

David Christopher
Communications Manager, OpenMedia.ca
1-778-232-1858
[email protected]