Statement from the Interim Privacy Commissioner of Canada regarding Heartbleed
OTTAWA, April 14, 2014 – Interim Privacy Commissioner of Canada Chantal Bernier issued the following statement today:
Heartbleed has become a worldwide issue and has raised serious concerns about the protection of personal information. Today, the Canada Revenue Agency (CRA) announced that hackers have taken advantage of the problem and that, as a result, the personal information of approximately 900 taxpayers was compromised.
The CRA contacted my Office on April 11th to notify us of the intrusion, and to tell us about the measures it is taking to mitigate the privacy risks, as well as to notify each of the individuals affected by the breach. The CRA has assured us that it is presently contacting all affected individuals.
Canadians should know that my Office will continue to communicate with the CRA to ensure we remain fully informed of all relevant privacy issues.
In addition to this and more broadly, we are also closely monitoring the technical developments as they emerge, so that we may better understand the potential privacy implications of Heartbleed.
When it comes to Government of Canada websites, Shared Services Canada and Treasury Board Secretariat are responsible for the protection of cyber technology infrastructure. The federal agency responsible for cybersecurity in Canada is Public Safety Canada.
We would encourage organizations in both the public and private sectors to take the appropriate and necessary steps to ensure that their systems have not been compromised as a result of Heartbleed, that their systems are as secure as possible, and that any personal information they hold is protected.
Meanwhile, Canadians who are concerned about Heartbleed may wish to consult www.getcybersafe.gc.ca, a Public Safety Canada website which offers information about the issue, as well as tips on how individuals can protect themselves.
Interim Privacy Commissioner of Canada
- Date modified: