Monthly Archives: June 2024

Bad Actors Use Prescription Updates to Collect Your PHI

Posted on by

Most often, when we hear about a hospital or medical system getting hit by a hacker or malware to gather information, we think about credit cards or health info being used to extort money from individuals if the release of the information would be embarrassing.

Hospitals or other health agencies often downplay the significance of the information released since it isn’t as immediately harmful as social security numbers or credit card info. However, any PII and PHI can be additional data points for a group building their list to do more than simply ask for money. In mass, bad actors can compile people into groups to social engineer them or know what to say to elicit reactions to fake political and economic information.

Recently, we got a call from the store where we fill our prescriptions. The call started off sounding slightly robotic, but once we responded to one question, a human (or quality AI) came on the line. They said there was an issue with a prescription that they needed to inform us about. They asked us to confirm some personal information to ensure they were speaking to the right person. They only stated one item before asking for our DOB, address, and other details. We didn’t provide that info since they should already know it—they called us.

We said we would call them back rather than give any info. Interestingly, they didn’t give us a number to call them back or a ‘fake’ reference number. We called our local pharmacy, which confirmed there was no problem with our prescription and no record of the company calling us.

While some of these calls may be legitimate, this incident reminds us that spoofing a call from a number is easy for these individuals, and giving any info just makes their job easier. In our case, it proved to be someone attempting to gather data for malicious purposes, likely targeting a massive list due to the bot transferring the call to a human.

Please note that if you purchase from clicking on a link, it may result in my getting a tiny bit of that sale to help keep this site going. If you enjoy my work, perhaps you would consider donating to my daily cup of coffee, thank you.