[ISN] Heartbleed to blame for Community Health Systems breach

http://www.csoonline.com/article/2466726/data-protection/heartbleed-to-blame-for-community-health-systems-breach.html By Steve Ragan CSO Aug 19, 2014 According to a blog post from TrustedSec, an information security consultancy in Ohio, the breach at Community Health Systems (CHS) is the result of attackers targeting a flaw OpenSSL, CVE-2014-0160, better known as Heartbleed. The incident marks the first case Heartbleed has been linked to an attack of this size and type. On Monday, CHS disclosed a data breach in an 8-K filing with the U.S. Securities and Exchange Commission. The filing itself was brief, offering few details on the actual attack and its root cause. The regulatory notice stated that CHS believes the network compromise itself happened in April and June of 2014. Once discovered, they hired Mandiant to perform an investigation, which speculated that the attacker was part of a group in China. […]