It seems like changing your password isn’t enough to protect you from the Heartbleed exploit.
Sensitive information belonging to hundreds of Canadian residents was allegedly stolen by 19-year-old Western University student Stephen Arthuro Solis-Reyes, according to the Royal Canadian Mounted Police.
While most Heartbleed-affected sites have been patched, it seems its effects are still being felt.
It’s believed the 19-year-old London, Ontario native used the recently exposed Heartbleed security flaw to extract Social Insurance Numbers (SIN) from the Canada Revenue Agency’s site.
According to PC Mag, on Monday, CRA Commissioner Andrew Treusch announced the attack occurred, resulting in the disappearance of 900 SINs over a six hour span.
Solis-Reyes’ computer equipment was seized by authorities after the Royal Canadian Mounted Police arrested him at his home. According to the RCMP, he faces one count of Unauthorized Use of Computer and one count of Mischief in Relation to Data.
An RCMP spokesperson said there is no other suspect, according to the Toronto Sun.
Solis-Reyes is scheduled to appear in court in Ottawa July 17.