Following a cybersecurity incident dubbed as an indirect ‘HHS data breach’, and theft of funds, the U.S. Department of Health and Human Services has taken the decisive step of removing HHS Login from its grantee payment system.
This move comes in the wake of a cyberattack on HHS, wherein hackers exploited data from a federal contracting hub to siphon funds from seven grantee organizations.
The HHS cybersecurity incident, which transpired between March 2023 and the close of the same year, saw threat actors make off with a staggering $7.5 million, with the potential for this figure to escalate as internal assessments progress, reported Nextgov/FCW.
HHS Cybersecurity Incident and Removal of Login from Grantee Payment System
The perpetrators behind this HHS cybersecurity incident employed a sophisticated strategy, leveraging information gleaned from SAM.gov and publicly available data to impersonate legitimate employees within grant recipient organizations. This enabled them to alter banking details, facilitating the illicit transfer of funds.
To strengthen its defenses, HHS has replaced HHS Login with the private sector tool ID.me within its Payment Management System, responsible for processing grant payments across government agencies. Notably, both HHS and the General Services Administration (GSA), overseers of Login.gov, assert that the identity system remained uncompromised and disconnected from the theft.
Despite the proactive measures taken by HHS, questions linger regarding the specifics of the breach and subsequent security protocols. Efforts to obtain official statements or responses from relevant government entities regarding the removal of HHS Login from the grantee payment system remain unanswered at present.
Response to the HHS Leak and Stolen Funds
This incident highlights the rise of cyberattacks on multiple sectors in the US, with data breaches and cyberattacks becoming increasingly prevalent. In 2023 alone, a staggering 133 million healthcare records were compromised, marking an escalation from previous years. The recent cyberattack on Change Healthcare in February 2024 further highlights the urgent need for enhanced cybersecurity measures within the industry.
Responding to these challenges, the Biden administration unveiled a comprehensive federal strategy in December 2023 aimed at shoring up cybersecurity defenses within the healthcare sector. Titled “Health Care Sector Cybersecurity,” this strategy delineates 20 Cybersecurity Performance Goals (CPGs), providing detailed guidelines for healthcare systems to fortify their defenses.
Building upon existing initiatives such as the creation of the “wall of shame” and tailored training, this strategy represents a concerted effort to mitigate cyber vulnerabilities within the healthcare industry. By outlining clear expectations and performance goals, the plan aims to equip healthcare systems with the necessary tools to fight against cybercrime.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
