Editor's Note
A June 24 advisory from the FBI and Department of Health and Human Services warns healthcare organizations about attempts to steal payments through phishing and social engineering tactics, according to a post from the American Hospital Association (AHA).
The attackers target employee email accounts to access login information for processing payments to insurance companies, Medicare, and similar entities. They may also impersonate employees to trigger password resets through IT help desks.
AHA was alerted to this scheme in January, and HHS issued a similar advisory in April. John Riggi, AHA's national advisor for cybersecurity, emphasized the severity of these threats and recommended health care organizations conduct social engineering tests, implement multi-person authentication for payment changes, and alert payers to this requirement. He also noted an increase in cyber threats during holidays, urging vigilance and staff awareness as Independence Day approaches.
Read More >>