Canada shutters tax filing website over 'Heartbleed' bug

Apr 09, 2014

Canada's tax agency shuttered its website Wednesday after warning that encrypted taxpayer data could be vulnerable to the "Heartbleed" bug.

The Canada Revenue Agency (CRA) said the decision, which comes only three weeks before the annual income tax filing deadline, was taken as a "preventative" measure.

"The CRA has temporarily shut down public access to our online services to safeguard the integrity of the information we hold," it said.

Later the CRA said it was "working on a remedy" and hoped to have its website back up and running in three to four days.

Canadian taxpayers are expected to file their tax returns for 2013 with the Canadian Revenue Agency by April 30.

Missing the filing deadline usually results in stiff penalties, but the CRA said "consideration" would be given to anyone affected by the website service interruption.

The agency last week said in a Twitter message that it was processing 1,763 online returns per minute—a seasonal high.

As of March 24, 6,787,284 tax returns had been filed with the government agency, it said. Of those, 83.5 percent were filed online.

There are an estimated 22 million taxpayers in Canada.

The freshly-discovered flaw in online-data scrambling software OpenSSL allows hackers to eavesdrop on online communications, steal data, impersonate websites and unlock encrypted data.

OpenSSL is commonly used to protect passwords, credit card numbers and other data sent via the Internet.

More than half of websites use the software, but not all versions have the same vulnerability, according to heartbleed.com.

Cyber security firm Fox-It estimates that the vulnerability has existed for about two years, since the version of OpenSSL at issue was released.

Computer security specialists, website masters and others began fretting about the bug this week after several reports of hacking.

The CRA said it would investigate any theft and abuse of taxpayer information resulting from security breaches.

Explore further: Heartbleed bug find triggers OpenSSL security advisory

add to favorites email to friend print save as pdf

Related Stories

Heartbleed bug find triggers OpenSSL security advisory

Apr 08, 2014

A flaw called Heartbleed in OpenSSL, which is a software library used for the protection and security of millions of websites, was uncovered by Neel Mehta of Google Security, who first reported it to the ...

Heartbleed bug causes major security headache (Update 3)

Apr 09, 2014

A confounding computer bug called "Heartbleed" is causing major security headaches across the Internet as websites scramble to fix the problem and Web surfers wonder whether they should change their passwords to prevent the ...

Software glitch delays 660,000 tax refunds

Mar 14, 2013

The Internal Revenue Service says 660,000 taxpayers will have their refunds delayed by up to six weeks because of a problem with the software they used to file their tax returns.

Recommended for you

Iliad founder says T-Mobile offer is 'real'

5 hours ago

French telecom upstart Iliad's founder said Friday that the company's offer for US-based T-Mobile is "real" and that he is open to working with partners on a deal.

Law changed to allow 'unlocking' cellphones

5 hours ago

President Barack Obama signed a bill into law on Friday making it legal once again to unlock a cellphone without permission from a wireless provider, so long as the service contract has expired.

Social network challenges end in tragedy

5 hours ago

Online challenges daring people to set themselves ablaze or douse themselves in ice water are racking up casualties and fueling wonder regarding idiocy in the Internet age.

Microsoft sues Samsung alleging contract breach

5 hours ago

Microsoft on Friday sued Samsung in federal court claiming the South Korean giant had breached a contract over cross-license technology used in the fiercely competitive smartphone market.

States debate digital currency

7 hours ago

Now that consumers can use digital currencies like bitcoin to buy rugs from Overstock.com, pay for Peruvian pork sandwiches from a food truck in Washington, D.C., and even make donations to political action committees, states ...

User comments : 0