The healthcare sector has seen a significant rise in social engineering attacks, according to the 2026 Data Breach Investigations Report (DBIR) by Verizon. Ransomware and vendor breaches continue to plague the industry, but the increasing sophistication of social engineering tactics has made healthcare organizations more vulnerable to cyber threats. The report highlights the evolving nature of these attacks, which often involve phishing and pretexting techniques designed to deceive employees into divulging sensitive information. As a result, healthcare organizations must remain vigilant and implement robust security measures to protect against these types of attacks. The DBIR's findings emphasize the need for ongoing employee training and awareness programs to prevent social engineering attacks from succeeding1. This matters to cybersecurity practitioners because the healthcare sector's vulnerability to social engineering attacks can have severe consequences, including compromised patient data and disrupted medical services.