The U.S. Department of Health and Human Services (HHS) has issued a cybersecurity warning to hospitals about advanced social engineering attacks.

Hackers are impersonating hospital employees and manipulating IT help desk staff to compromise security measures like multi-factor authentication.

The attacks involve sophisticated techniques including AI voice impersonation and rerouting financial transactions to hacker-controlled accounts.

The Health Sector Cybersecurity Coordination Center (HC3) urges hospitals to enforce strict verification processes like callbacks and password resets.

The HHS has released guidance for IT help desks on how to counteract these threats and encourages training for recognizing and reporting suspicious activities.

This alert is part of broader efforts to safeguard healthcare data and financial assets from the increasing threat of cyber attacks.