CyberScout

Heartbleed Bug Reignites Security Worries After Data Breach

Heartbleed Bug Reignites Security Worries After Data Breach

In the aftermath of the Heartbleed Bug's discovery, the security flaw continues to spark security concerns. The Heartbleed Bug was revealed in many of the world's most popular sites in April, and Internet users were shocked at its scope. From retail sites to social networks, it seemed as though no Internet giant was immune to the problems of the Heartbleed Bug, which affects site encryption and security technology Secure Sockets Layer (SSL). Companies urged users to change their passwords, saying the vulnerability may compromise personal and financial information.

"Our security teams worked quickly on a fix and we have no evidence of any accounts being harmed," social media site Instagram said in a statement, according to Mashable. "But because this event impacted many services across the Web, we recommend you update your password on Instagram and other sites, particularly if you use the same password on multiple sites."

Hospital Group Reports Data Breach Linked to Heartbleed
Fears about the security flaw were realized after a hospital group notified 4.5 million patients about a data breach after cybercriminals from China stole their personal information. New details have emerged that show evidence that the attackers managed to use the Heartbleed Bug to perpetuate the breach at Community Health Systems, according to a blog post by IT security firm TrustedSec. The firm said the attackers were able to access user credentials because of the Heartbleed Bug and then logged into the internal computer network that contained millions of patient records. 

The Community Health data breach was the biggest incident in which cyberattackers exploited the Heartbleed Bug, according to Reuters

In light of the massive breach, TrustSec advised organizations to monitor and detect threats to its security and response rapidly before data breaches occur. 

"Having the ability to detect and respond to an attack when it happens is key to enacting incident response and mitigating the threat quickly," the IT security firm said in a blog post. "What we can learn here is that when something as large as Heartbleed occurs (rare) that we need to focus on addressing the security concerns immediately and without delay."

Flaw Inspires Response from Tech Firms
In response to the Heartbleed Bug and the cyberthreats posed by this vulnerability, IT security professionals and tech firms are banding together to support OpenSSL software and make this technology more secure, The Wall Street Journal reported. The industry-wide effort has led to the creation of the Core Infrastructure Initiative, which is already backed by Google and International Business Machines Corp. to develop the source code that will protect websites from vulnerabilities like the Heartbleed Bug.