Bleeping Computer reports that hospitals are being warned about a social engineering trick used by hackers to gain access:
The sector alert issued by the Health Sector Cybersecurity Coordination Center (HC3) this week says these tactics have allowed attackers to gain access to targeted organizations’ systems by enrolling their own multi-factor authentication (MFA) devices.
In these attacks, the threat actors use a local area code to call organizations pretending to be employees in the financial department and provide stolen ID verification details, including corporate ID and social security numbers.
Read more at Bleeping Computer. The full sector alert can be found at https://www.hhs.gov/sites/default/files/help-desk-social-engineering-sector-alert-tlpclear.pdf