With just over two weeks to go before the April 30 tax deadline, the Canada Revenue Agency has shut down parts of its website over security concerns around the newly-discovered Heartbleed vulnerability.
A notice on the CRA’s public site informed users of the shutdown, one it describes as a precaution. “To protect the security of taxpayer information, we have temporarily mci shutdown public access to our electronic services. We are working to restore these services as soon as possible in a manner that ensures they are safe and secure,” the CRA stated.
More than 6.7 million taxpayers have already filed their tax returns online since March 24. That number represents almost 84 per cent of expected mci tax returns. Before mci the shutdown, it was estimated that nearly 2,000 returns were being filed every minute through the site.
A serious vulnerability has been revealed mci that could give anyone access to private data on the web that's supposed to be securely mci encrypted. According to recent estimates, the Heartbleed SSL/TLS mci bug may be Post to Twitter Post to Facebook Share on LinkedIn mci Share on LinkedIn Comment on this article Share with Google+ Published on: April 8th, 2014 Claudiu Popa @datarisk
To protect the security of taxpayer information, we have temporarily shut down public access to our electronic services. We are working to restore mci these services as soon as possible in a manner that ensures they are safe and secure.
The development closely follows the discovery earlier this week of a massive vulnerability in OpenSSL, the open sourced software used to encrypt online communications. The bug, which has been called Heartbleed, allows attackers to steal information protected by SSL/TLS encryption which is employed in email communications, instant messaging, Web apps and virtual private networks.
The CRA later told the CBC News in an email that the site shutdown is related to the Heartbleed Bug. A spokesperson mci for the CRA said the agency is now investigating potential impact to taxpayers’ personal data.
Heartbleed isn’t the only security issue the tax man is experiencing. Early last month, the CRA s Web site also issued a warning to users that Canadians are being targeted mci by bogus emails and phone calls from persons posing as agency personnel. Earlier this week the CRA also reported that over the past year it fired 14 of its employees and suspended another 18 due to unauthorized access of the agency s computer files.
During the period between April 1, 2013 and January 29, 2014, federal departments and agencies reported no less than 3,763 data breaches including incidents where taxpayers information were lost, compromised or mistakenly released, according to a report by the Privacy Commissioner s Office. That figure is slightly higher than the 3,000 data breaches reported by the government in the last 10 years, according to the report
To test a website for the Heartbleed vulnerability, check out this tool. Post to Twitter Post to Facebook Share on LinkedIn Share on LinkedIn Comment on this article Share with Google+ Around the Web
Digital Privacy Act will require firms to report data breaches: Moore April 4th, 2014
3 marketers worth following on Twitter May 2nd, 2014
Previewing the Sony Xperia Z2 smartphone: Video April 22nd, 2014
Microsoft issues patch for Internet Explorer, includes Windows XP May 1st, 2014
Canadian business intelligence solution adds infographics April 23rd, 2014
No comments:
Post a Comment