OpenSSL defacement due to passwords, not hypervisor hack

Our investigation found that the attack was made through insecure passwords at the hosting provider, leading to control of the hypervisor management console, which then was used to manipulate our virtual server.  OpenSSL