A Canadian teenager has become the first person arrested for attempting to exploit the Heartbleed bug.
Heartbleed, discovered last week, is the name given to a flaw in OpenSSL, the tech which underpins much of the encrypted web.
A team of researchers found that some versions of OpenSSL were vulnerable to hackers, who could convince the server to send back unencrypted information including passwords and credit card numbers.
Now a teen in Ontario has been arrested for reportedly trying to hack into a Canadian Revenue Agency website using the bug.
Stephen Arthuro Solis-Reyes was allegedly caught trying to steal more than 900 social insurance numbers.
"It is believed that Solis-Reyes was able to extract private information held by CRA by exploiting the vulnerability known as the Heartbleed bug," the Canadian police said.
He has now been charged with "unauthorized use of a computer" and "mischief in relation to data".
It is not known if hackers in the UK have used the exploit, though several sites including Mumsnet have recorded apparent security breaches as a result.