Canada’s tax agency and a British parenting site have announced data breaches due to the Heartbleed bug affecting OpenSSL. They are the first confirmed victims of the software flaw.
The Canada Revenue Agency (CRA) blocked access to their online services on April 8 to patch their systems.
However, they found that over a six-hour period before the shutdown roughly 900 Social Insurance Numbers (SIN) numbers were stolen. SINs are the Canadian equivalent to U.S. Social Security Numbers.
On April 11, the CRA informed the Privacy Commissioner of Canada of the breach, and the Royal Canadian Mounted Police (RCMP) is investigating.
Originally due on April 30, Canada’s deadline for filing 2013 individual tax returns has been extended to May 5.
Mumsnet is a popular parenting network that says they generate over 60 million page views and over 10 million visits per month.
Mumsnet patched their OpenSSL installation on Thursday, April 10.
According to the BBC, Mumsnet founder Justine Roberts noticed her username and password were used to post a message online.
Roberts said the hackers then informed Mumsnet’s administrators that the attack was linked to the Heartbleed flaw and told them the company’s data was not safe.