Texas-based healthcare system says hackers unsuccessfully tried to divert employee payroll direct deposits through a phishing attack that also potentially exposed patient data. The incident illustrates how business processes can help avert theft of funds. The hospital’s payroll system requires a paper check be printed for two payrolls after any changes are made to an employees direct deposit. Security expert: “Treat an employee portal like an ATM machine at the bank. Require multifactor authentication as the authorization for handling sensitive transactions””]
Source: https://www.govinfosecurity.com/phishing-attack-aimed-at-stealing-payroll-deposits-a-12804