This message from Ballad Health’s IT security team originated from the American Society of Health Care Engineering (ASHE), a professional membership group of the American Hospital Association (AHA).
The AHA has become aware of an ongoing cyber incident which may involve ASHE and AHA members and customers receiving fraudulent emails. These fraudulent emails may instruct recipients to make changes to the payment destination for pending payments to the AHA. Please do not act upon or reply to these emails (or other emails that are suspicious or unusual).
If you or someone in your organization received any such email recently to change payment instructions related to the AHA and changed your AHA payment destination based upon an email, we recommend the following steps (see below). In addition, consult with your counsel and your other cyber incident professionals.
Notify your financial institution immediately and ask that the payment be stopped or recalled. If notification is made to your financial institution within the first 24-48 hours of payment being issued, there is a high likelihood the payment can be recovered.
- Please call the AHA immediately at 800-424-4301 and provide all details of the payment destination, including a copy of all email correspondence.
- You may file a complaint with the FBI and provide the requested information. Speed is of the essence. The FBI’s Recovery Asset Team has a recovery success rate of over 70% when notifications are made within the first 24-48 hours of fraudulent payments being issued.
As a reminder, ASHE and the AHA will not issue payment change instructions via email. Payment change instructions must be verified verbally from known persons inside the AHA. Please do not call any telephone numbers listed in the payment change request email for verification. You can verify payment change instructions by contacting the AHA at 800-424-4301.
ASHE does not accept ACH or wire payments for individual membership dues. Credit card numbers are not stored in AHA systems. ASHE would never contact you to request a payment destination change.
We appreciate your attention to this issue and commitment to cybersecurity. Please don’t hesitate to reach out to the AHA if you have any questions or concerns.
