The FBI and Department of Health and Human Services issued an advisory on June 24 regarding cyberthreat actors targeting healthcare organizations in an attempt to steal payments. These agencies have recommended mitigation efforts to help reduce the likelihood of these attacks impacting organizations. One common tactic used by threat actors is phishing, where they gain access to employees’ email accounts and then target login information related to processing reimbursement payments to insurance companies, Medicare, or similar entities. In some cases, threat actors have even posed as employees calling an organization’s IT help desk to trigger a password reset for an employee’s account.
The American Hospital Association (AHA) was first alerted to this type of scheme in January, and HHS issued a similar advisory in April. John Riggi, AHA’s national advisor for cybersecurity and risk, emphasized the serious nature of these social engineering schemes that utilize stolen employee information for password resets and enrolling new devices for multi-factor authentication codes. In addition to the recommended mitigations, healthcare organizations are advised to conduct social engineering tests on their help desk functions and implement multi-person authentication for any changes to payment instructions at the organizational level. Payers should also be informed of these requirements.
As the Fourth of July holiday approaches, it is important to be aware that cyber adversaries tend to target healthcare organizations more aggressively during holidays. Maintaining vigilance and ensuring staff are aware of cyber threats is essential for a safe holiday season. For more information on cyber and risk issues, you can contact John Riggi at jriggi@aha.org. You can also visit www.aha.org/cybersecurity for the latest information and resources on cyber and risk threats.
Transforming ice cream into tiny edible marbles, known as Dippin' Dots, required scientific experiments and…
The Sacramento Kings are reportedly exploring a potential trade for New Orleans Pelicans star forward…
Zack Gordon, the senior manager of homeowners claims at CSAA, has been with the carrier…
Mexico was eliminated from the Copa America after a scoreless draw against Ecuador at State…
Novel problems may arise if there is a lack of incident reporting framework in place.…
Six Flags and Cedar Fair are set to merge, creating one of the largest theme…