http://www.csoonline.com/article/2466726/data-protection/heartbleed-to-blame-for-community-health-systems-breach.html
By Steve Ragan
CSO
Aug 19, 2014
According to a blog post from TrustedSec, an information security
consultancy in Ohio, the breach at Community Health Systems (CHS) is the
result of attackers targeting a flaw OpenSSL, CVE-2014-0160, better known
as Heartbleed.
The incident marks the first case Heartbleed has been linked to an attack
of this size and type.
On Monday, CHS disclosed a data breach in an 8-K filing with the U.S.
Securities and Exchange Commission. The filing itself was brief, offering
few details on the actual attack and its root cause.
The regulatory notice stated that CHS believes the network compromise
itself happened in April and June of 2014. Once discovered, they hired
Mandiant to perform an investigation, which speculated that the attacker
was part of a group in China.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
