Source: Dark Reading — 22 May 2026
What we are tracking
Ransomware and vendor breaches persist. The "2026 Data Breach Investigations Report" (DBIR) highlights how evolving social engineering tactics make the healthcare sector more vulnerable.
RingSafe analysis
Indian hospital chains (Apollo, Fortis, Manipal, Max) and the rapidly digitising tier-2/3 hospital networks now sit in the same threat envelope the DBIR describes for US healthcare: rising vishing, MFA fatigue, and vendor impersonation aimed at revenue-cycle and billing staff. The Ayushman Bharat Digital Mission accelerates exposure by widening the attack surface to thousands of smaller Health Information Providers. Map these to MITRE ATT&CK T1566 (Phishing), T1566.004 (Spearphishing Voice), and T1078.004 (Cloud Accounts).

Under DPDP, hospital data falls under the Section 9 sensitive treatment of minors when paediatric records are involved, and Section 8 breach notification applies broadly, so social-engineering-driven email compromise is now both a CERT-In CSIRT-Health reportable event and a Data Protection Board concern.

Action this quarter: run a phishing-resistance drill against finance and billing teams; mandate FIDO2 for VPN and EMR access; rehearse the 72-hour DPDP notification flow.
Read the original report
Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks (Dark Reading)