August 20, 2014

Was Heartbleed responsible for Community Health Systems hack?

Attackers may have used a virtual private network to break in.

By Jimmy Nicholls

Hackers behind the attack on US medical group Community Health Systems (CHS) exploited the infamous Heartbleed OpenSSL bug, according to security firm TrustedSec.

A source close to the investigation told the company that the attackers took credentials from memory on a Juniper Networks device before logging into the firm’s systems through a virtual private network (VPN) to steal data.

David Kennedy, chief executive of TrustedSec, said: "This is the first confirmed breach of its kind where the Heartbleed bug is the known initial attack vector that was used.

"There are sure to be others out there, however this is the first known of its kind."

Heartbleed was a zero-day flaw in the OpenSSL security layer that allowed attackers to eavesdrop on conversations through a bug in the "heartbeat" process, by which software can communicate with other programmes.

Its discovery in April affected companies such as Google, Instagram and Yahoo, with many of the victims later donating to the Linux Foundation in a bid to improve the future security of the software.


"What we can learn here is that when something as large as Heartbleed occurs we need to focus on addressing the security concerns immediately and without delay," Kennedy added.

4.5 million patients were affected by the attack against CHS, which compromised five years’ worth of personal information including names, birthdates and social security numbers, according to the firm.

However, some have speculated that the actual goal was intellectual property, given that the perpetrators are believed to be an advanced persistent threat (APT) group from China.
