HealthLeaders Media January 26, 2024
Jasmyne Ray

As organizations level up their technology, hackers are leveling up their tactics – with a new target.

The American Hospital Association released a statement about a social engineering scheme where hackers pose as IT help desk personnel to steal information from revenue cycle workers or those in “sensitive financial roles.”

According to AHA, the threat actors will call IT help desks and use the “stolen personally identifiable information” of an employee to answer security questions. Hackers will then request a password reset and enroll a device, like a cell phone, into multi-factor authentication.

The cell phone will typically have a local area code, allowing the hacker to bypass pre-existing multiple-factor authentication to access the email and applications of the employee...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Health IT, Health System / Hospital, Provider, RCM (Revenue Cycle Mgmt), Technology
Related Articles:
A unified front: Cybersecurity's role in healthcare operations and patient safety | Viewpoint
3 leadership lessons we can learn from ethical hackers
Demonstrating Cybersecurity ROI: How To Get The C-Suite On Board With Zero Trust
Hospital cybersecurity spend to rise in 2025: 4 details
GAO: HHS falls short on healthcare cybersecurity

Share This Article