Cyberthreat actors using ChatGPT exploit to attack health care, other industries

Mar 18, 2025 - 03:44 PM
Cybersecurity with lock

A ChatGPT vulnerability identified last year is being used by cyberthreat actors to attack security flaws in artificial intelligence systems, according to a March 12 report by Veriti, a cybersecurity firm. The National Institute of Standards and Technology lists the vulnerability as medium risk, but Veriti said it has been used by cyberthreat actors in more than 10,000 attack attempts worldwide. Financial institutions, health care and government organizations have been top targets for the attacks, the firm said. The attacks could lead to data breaches, unauthorized transactions, regulatory penalties and reputational damage. 
 
“This could allow an attacker to steal sensitive data or impact the availability of the AI tool,” said Scott Gee, AHA deputy national advisor for cybersecurity and risk. “This highlights the importance of integrating patch management into a comprehensive governance plan for AI when it is implemented in a hospital environment. The fact that the vulnerability is a year old and a proof of concept for exploitation has been published for some time is also a good reminder of the importance of timely patching of software.” 
 
For more information on this or other cyber and risk issues, contact Gee at sgee@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.

Related News Articles

Headline
FDA announces real-time clinical trials, request for information
The Food and Drug Administration April 28 announced its plan to advance the implementation of real-time clinical trials, which invite participants to supply…
Headline
Advisory details shifting tactics of Chinese cyber actors using covert networks for malicious activity
A joint advisory released April 23 from U.S. and international cybersecurity agencies, including the Cybersecurity and Infrastructure Security Agency, FBI,…
Headline
FBI Co-deputy Director Andrew Bailey discusses current cyber and physical threats, rise of AI
FBI Co-deputy Director Andrew Bailey discussed a rise in cyber and physical threats impacting health care. He discussed health care as the top critical…
Headline
AI in health care: Experts discuss the future of AI practices and policies
Jim VandeHei, CEO of Axios; Marc Boom, M.D., AHA board chair and president and CEO of Houston Methodist; Anne Klibanski, M.D., president and CEO of Mass…
Headline
CMS Administrator Oz and Deputy Administrator Brillman discuss agency’s focus on innovation, reducing waste
Centers for Medicare & Medicaid Services Administrator Mehmet Oz, M.D., and CMS Deputy Administrator and Director of Medicaid and CHIP Dan Brillman sat…
Headline
HSCC releases guide on third-party AI risk, supply chain transparency
The Health Sector Coordinating Council’s Cybersecurity Working Group has released a guide on third-party artificial intelligence risk and AI supply…