Heartbleed still active as tax payers get personal information stolen from government run web site

The Heartbleed bug remained a concern for the federal government three months after it was supposed to have been patched to protect taxpayers’ personal information, according to an internal government report.

Heartbleed forced the Canada Revenue Agency to shut down its online services at the height of tax season and publicly admit that it had lost the personal information on 900 taxpayers. A London, Ontario man is facing multiple charges in relation to the incident.

A government report penned in July reviewing the lessons learned from Heartbleed provides a detailed timeline of events, showing how quickly and how many people across government were brought to mitigate the damage Heartbleed caused — and continued to cause even in July.