The popular press incorrectly "reports" lots of thing that are just plain wrong. However heartbleed.com already explained that such detection was possible if an IDS were looking for the fingerprint:
Can IDS/IPS detect or block this attack?
Although the content of the heartbeat request is encrypted it has its own record type in the protocol. This should allow intrusion detection and prevention systems (IDS/IPS) to be trained to detect use of the heartbeat request. Due to encryption differentiating between legitimate use and attack can not be based on the content of the request, but the attack may be detected by comparing the size of the request against the size of the reply. This seems to imply that IDS/IPS can be programmed to detect the attack but not to block it unless heartbeat requests are blocked altogether.
It's just that now that a patch is available most folks would rather just fix the problem than watch their systems get compromised. And like Johann Lau already noted, not many sites keep an archive of all the network traffic that has passed through their site, so retrospective analysis is extremely unlikely.