Cyberthreat actors using ChatGPT exploit to attack health care, other industries

Mar 18, 2025 - 03:44 PM
Cybersecurity with lock

A ChatGPT vulnerability identified last year is being used by cyberthreat actors to attack security flaws in artificial intelligence systems, according to a March 12 report by Veriti, a cybersecurity firm. The National Institute of Standards and Technology lists the vulnerability as medium risk, but Veriti said it has been used by cyberthreat actors in more than 10,000 attack attempts worldwide. Financial institutions, health care and government organizations have been top targets for the attacks, the firm said. The attacks could lead to data breaches, unauthorized transactions, regulatory penalties and reputational damage. 
 
“This could allow an attacker to steal sensitive data or impact the availability of the AI tool,” said Scott Gee, AHA deputy national advisor for cybersecurity and risk. “This highlights the importance of integrating patch management into a comprehensive governance plan for AI when it is implemented in a hospital environment. The fact that the vulnerability is a year old and a proof of concept for exploitation has been published for some time is also a good reminder of the importance of timely patching of software.” 
 
For more information on this or other cyber and risk issues, contact Gee at sgee@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.

Related News Articles

Headline
HHS doubles childhood cancer research funding to accelerate AI-based projects 
The Department of Health and Human Services announced Sept. 30 that it is doubling its funding for childhood cancer research from $50 million to $100 million…
Headline
AHA podcast: The Texas Model for Cyber Resilience in Health Care 
Fernando Martinez, Ph.D., chief digital officer at the Texas Hospital Association, shares how Texas and the THA are building regional resilience through cyber…
Headline
Senate fails to pass CR, government shutdown begins while health programs expire
The federal government shut down Oct. 1 following a failed Senate vote on the House-passed continuing resolution to fund the government by midnight Sept. 30.…
Headline
FDA seeks feedback on measuring AI-enabled medical device performance
The Food and Drug Administration today issued a request for public comment on a series of questions regarding current approaches to evaluating artificial…
Headline
OSTP seeks comment on laws, regulations hindering AI development and adoption
The Office of Science and Technology Policy issued a request for information Sept. 26 seeking feedback on federal regulations that hinder AI development,…
Chairperson's File
Chair File: Leadership Dialogue — Driving Transformation Through AI and Other Tech Tools with Epic CMO Jackie Gerhart
Public
Although hospitals and health systems are facing many pressures and challenges, now is the time to truly transform how we care for our patients and communities…