OTTAWA — The social insurance numbers of 900 taxpayers were stolen from the Canada Revenue Agency computer system by someone taking advantage of the Heartbleed computer bug.

The revenue agency said Monday the breach took place during a six-hour period after the security flaw was discovered.

Andrew Treusch, Commissioner of Revenue at the agency, said in a statement the CRA is currently investigating the removal of other data, some of which "relate to businesses."

No other information was immediately available.

On Sunday, the federal tax agency announced its online services were up and running again after it blocked public access five days ago due to the Heartbleed flaw.

The CRA says the security risk has been addressed, but added it will not apply interest or penalties to individual taxpayers filing their 2013 tax returns after April 30 for a period equal to the length of the service interruption.

Revenue Minister Kerry-Lynne Findlay says that means 2013 tax returns filed by May 5 will not incur interest or penalties.

The CRA has apologized to Canadians for the delay and inconvenience, but added it was necessary to ensure the agency's online services were safe and secure.

Service has also been restored to all publicly accessible Government of Canada websites.