A couple of days ago I told you about the massive data breach at Community Health Systems a hospital chain with hospitals in 29 states. This data breach, which was done by Chinese hackers resulted in personal data on 4.5 million patients of Community Health Systems being stolen. The data included names, addresses, birth dates and Social Security numbers which puts the affected individuals in serious jeopardy of identity theft. Community Health Systems is in the process of notifying the affected individuals and offering credit monitoring services. Now however, Trusted Sec LLC, a security company is indiacting that the hacking of Community Health Systems was accomplished by the first known exploitation of the Heartbleed security flaw. Heartbleed is the name of the security flaw in the Open SSL encryption security technology discovered last April that is used by up to 2/3 of websites on the Internet. Although the Heartbleed flaw was promptly patched, there was a period during which the users of this technology were left vulnerable and it appears that during this period was when the Chinese hackers managed to steal data from Community Health Systems. It is not unusual for hackings and data breaches to remain undiscovered for significant periods of time. This data breach may be the first major data breach connected to Community Health Systems, but it is most likely not going to be the last.
It has been said that the price of liberty is eternal vigilance and that is also important in maintaining your own personal security. People who did not change their passwords following the Heartbleed security flaw first being uncovered should take this as a wake up call to do so now. You should also consider putting a credit freeze on your credit report. You can find instructions as to how to do this in the “credit freeze” link on the right hand side of this page. This will protect your credit from being accessed by someone who may otherwise have enough personal information of yours to access your credit report in an effort to use your credit. Finally, you should monitor all of your financial accounts regularly for indications of fraudulent use. Remember, you are only as safe as the places that hold your personal information and some of them have poor security.