Canadian man is the first arrested for Heartbleed: The Royal Canadian Mounted Police announced today that a 19-year-old man has been arrested for allegedly taking advantage of the Heartbleed bug to steal tax information from a government website. He is believed to have compromised some 900 social insurance numbers Canada’s equivalent of Social Security numbers.This marks the first arrest related to the Heartbleed bug, which was discovered earlier this month, but it probably won’t be the last. The bug is thought to have left up to two-thirds of the Internet vulnerable to attack — while many companies have rushed to update their OpenSSL implementation, many websites, Android smartphones, and Wi-Fi routers are still vulnerable.The Canadian government previously warned its citizens to avoid electronic filing systems after the bug’s revelation. The United States Department of Homeland Security issued its own warning shortly after — a slightly disingenuous warning given the possibility that the National Security Agency knew about and exploited the bug for at least two years, according to one report which the NSA refutes.It’s unclear what this first attack — or at least the first attack that we know about — means for Internet security when so many systems are still affected by Heartbleed. Some have said that the equipment needed to perform damaging attacks would be out of most hackers’ reach; but if they do have that equipment, there’s nothing most consumers can do to protect their data.