Menu

Topics

TV Programs

Connect

Local

your local region

National

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

Calendar

Calendar

Search

Quick Search

  •  
  •  
  •  
  •  
  •  
  •  

Trending Now

  •  
     
  •  
     
  •  
     
  •  
     
  •  
     
  •  
     

Add Global News to Home Screen

Instructions:

  1. Press the share icon on your browser
  2. Select Add to Home Screen
  3. Press Add

Comments

Want to discuss? Please read our Commenting Policy first.

Video link
Headline link
Advertisement
Tech

U.S. hospital breach may be biggest exploit of Heartbleed bug yet: report

By Nicole Bogart Global News
Posted August 20, 2014 12:37 pm
2 min read
Heartbleed bug View image in full screen
Hackers responsible for the theft of approximately 4.5 million patient records from Community Health Systems may have exploited the Heartbleed bug to gain access. File/Getty Images
Share this item via WhatsApp

Share

Share this item via WhatsApp whatsapp Share this item on Flipboard flipboard Share this item on Reddit reddit

TORONTO – Hackers responsible for the theft of approximately 4.5 million patient records from U.S. hospital group Community Health Systems may have exploited the Heartbleed bug to gain access, according to reports.

According to a report by Reuters, a security expert with TrustedSec LLC believes that hackers gained access to the company’s database by using the SSL vulnerability in networking equipment made by Juniper Networks.

The report cited “multiple sources familiar with the matter,” who confirmed the Heartbleed bug had allowed the hackers access.

READ MORE: Severe vulnerability found in OpenSSL just months after Heartbleed

Community Health Systems revealed Monday that data from about 4.5 million patients was stolen from its databases. The company said the attack occurred between April and June – when Heartbleed was initially discovered – and suspects the hack came from China.

Story continues below advertisement

Community Health Systems is one of the biggest hospital groups in the U.S.

Breaking news from Canada and around the world sent to your email, as it happens.

Information stolen from the database includes patient names, addresses, birth dates, phone numbers and social security numbers of those who used doctors affiliated with the company over the last five years.

Heartbleed, which some experts have called the biggest security vulnerability in the history of the Internet, was a flaw found in a line of code in OpenSSL.

More on Science and Tech

The security flaw created an opening in SSL/TLS, an encryption technology marked by the small, closed padlock and “https:” on Web browsers to show that traffic is secure. Heartbleed allowed attackers to snoop on Internet traffic even if the padlock icon was closed.

Until now, one of the biggest known exploits stemming from the Heartbleed bug was the breach of the Canada Revenue Agency’s website. Roughly 900 social insurance numbers were stolen at the height of tax season after the federal agency’s website was crippled by the vulnerability, prompting identity theft concerns.

READ MORE: Hacker charged in CRA Heartbleed breach ‘straight-A’ engineering student

A 19-year-old Western University student is facing charges in relation to the incident.

If Heartbleed is to blame for the Community Health Systems hack, it would make be the first known large-scale attack using the vulnerability.

Advertisement
Related News
© 2014 Shaw Media

Sponsored content

AdChoices