Although it is a widespread exploit that has been undetected for two years, whether or not a CGL policy covers data breaches allowed by Heartbleed should turn, simply, on whether the policy covers data breach at all...more