Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×
Security Encryption

Heartbleed To Blame For Community Health Systems Breach 89

An anonymous reader writes: The Heartbleed vulnerability is the cause of the data breach at Community Health Systems, which resulted in 4.5 million records (containing patient data) being compromised. According to a blog post from TrustedSec, the attackers targeted a vulnerable Juniper router and obtained credentials, which allowed them access to the network's VPN.
This discussion has been archived. No new comments can be posted.

Heartbleed To Blame For Community Health Systems Breach

Comments Filter:
  • Re:I call bullshit (Score:5, Interesting)

    by fuzzyfuzzyfungus (1223518) on Wednesday August 20, 2014 @08:45AM (#47711347) Journal

    The hospital had an Internet-facing router that was accessible via SSH or HTTPS?

    If they were stupid enough to do that, then someone else had probably stolen all their data already.

    What if it was a Juniper SSL VPN Appliance [juniper.net]? TFA is a bit vague; but if the system has VPN access and Juniper gear it seems pretty likely that they might be using that, which would necessarily involve SSL on an internet facing device, though not necessarily SSH or HTTPS.

  • by guru42101 (851700) on Wednesday August 20, 2014 @10:10AM (#47711969)
    I know people who work there. Their only priority is profit. A few weeks ago they did the largest settlement ever with the feds for defrauding medicare. One of the higher ups in a town hall meeting about their atrocious turn over rate compared their employees to janitors. They put red tape over things that should be simple which causes employees to use improper routes to just get something working for now.

Related Links Top of the: day, week, month.

Statistics means never having to say you're certain.

Working...