Was Heartbleed responsible for Community Health Systems hack?


by Jimmy Nicholls| 20 August 2014

Attackers may have used a virtual private network to break in.

Hackers behind the attack on US medical group Community Health Systems (CHS) exploited the infamous Heartbleed OpenSSL bug, according to security firm TrustedSec.

A source close to the investigation told the company that the attackers took credentials from memory on a Juniper Networks device before logging into the firm's systems through a virtual private network (VPN) to steal data.

David Kennedy, chief executive of TrustedSec, said: "This is the first confirmed breach of its kind where the Heartbleed bug is the known initial attack vector that was used.

"There are sure to be others out there, however this is the first known of its kind. "

Heartbleed was a zero-day flaw in the security layer that allowed attackers to eavesdrop on conversations through a bug in the "heartbeat" process by which software can communicate with other programmes.

Its discovery in April affected companies such as Google, Instagram and Yahoo, with many of the victims later donating to the Linux Foundation in a bid to improve the future security of the software.

"What we can learn here is that when something as large as Heartbleed occurs we need to focus on addressing the security concerns immediately and without delay," Kennedy added.

4.5 million patients were affected by the attack against CHS, which compromised five years' worth of personal information including names, birthdates and social security numbers, according to the firm.

However some have speculated that the actual goal was intellectual property, given that the perpetrators are believed to be an advanced persistent threat (APT) group from China.

Source: Company Press Release

Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

792 people like this.
2210 people follow this.

Security Intelligence

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.