THE 2026 Data Breach Investigations Report (DBIR) highlights increased vulnerability in the healthcare sector to social engineering attacks, particularly those leveraging artificial intelligence (AI). Key findings include: social engineering is now among the top three attack patterns in breaches, accounting for 81% of incidents. Attackers utilize advanced techniques to exploit urgency in healthcare settings, adapting phishing strategies with AI-generated, context-aware communications.
The report suggests a rise in effective pretexting, where attackers impersonate trusted identities to manipulate targets. Experts call for enhanced security measures, including strong verification procedures and continuous security training, as healthcare remains a high-value target vulnerable to sophisticated social manipulation.