HIPAA Journal June 26, 2024
Steve Alder

A joint cybersecurity advisory has been issued by the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS) about an ongoing social engineering campaign targeting the healthcare and public health (HPH) sector. The campaign has been running since August 2023 and seeks access to email account credentials to divert automated clearinghouse (ACH) payments to U.S. bank accounts under the threat actor’s control.

The threat actor targets email accounts and once access has been gained, pivots to targeting login credentials that allow them to make changes to accounts involved in reimbursement payments to insurance companies, Medicare, and other entities. Two methods have been identified for initial access to email accounts. Phishing emails are sent that direct...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, Health System / Hospital, HHS, Provider, Technology
Related Articles:
Dr. Oz, RFK Jr. on Medicare, Medicaid: 10 notes
RFK Jr. eyes overhaul of Medicare physician pay: What to know
Reading RFK Jr.’s tea leaves
New HHS leader could overhaul Medicare physician reimbursement: reports
OIG again deems HHS' infosec program ineffective

Share This Article