The Washington Post

The first suspected Heartbleed hacker has been arrested


A Canadian cyber crime unit has arrested and charged a 19-year-old Ontario man for allegedly hacking into the country's tax agency using the Heartbleed Internet security bug.

The suspect, Stephen Arthuro Solis-Reyes, was arrested Tuesday at his home "without incident," law enforcement authorities with the Royal Canadian Mounted Police said in a news release. Officials found and seized computer equipment from Solis-Reyes's home.

Earlier this week, the Canada Revenue Agency said an attacker using Heartbleed stole 900 Social Security numbers. It was the first known case of a hacker taking advantage of the security flaw for malicious purposes.

The vulnerability stems from a fault in OpenSSL, a widely used security protocol that encrypts Internet traffic for vast numbers of Web sites.

Read More:
Heartbleed is about to get worse, and it will slow the Internet to a crawl

What you can do about the Heartbleed bug

The man who says he gave the Internet ‘Heartbleed’ talks about his mistake

Brian Fung covers technology for The Washington Post, focusing on telecommunications and the Internet. Before joining the Post, he was the technology correspondent for National Journal and an associate editor at the Atlantic.



Success! Check your inbox for details. You might also like:

Please enter a valid email address

See all newsletters

Show Comments
Most Read



Success! Check your inbox for details.

See all newsletters

Your Three. Video curated for you.
Next Story
Brian Fung · April 16, 2014

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.