AHA & Health-ISAC Joint Threat Bulletin
On March 18th, the American Hospital Association (AHA) and Health Information Sharing and Analysis Center (Health-ISAC) issued a joint bulletin warning of a potential coordinated multi-city terrorist attack targeting hospitals. The AHA and Health-ISAC have created and are sharing this bulletin out of an abundance of caution to spread awareness of the potential threat. The AHA and Health-ISAC are in close contact with the FBI regarding the threat and will provide additional information as it becomes available.
At this time, no information is available to either corroborate or discount this threat’s credibility. Generally, foreign terrorist groups do not publicize their upcoming attacks. However, this widely viewed post may encourage others to engage in malicious activity directed toward the health sector, so threats of this nature should be taken seriously. Security teams should review emergency management plans and spread awareness of the potential threat internally.
It is recommended that organizations review and evaluate the coordination and capabilities of physical security, cybersecurity, and emergency management plans. Also, increasing relationships with local and federal law enforcement may streamline response efforts during an attack. In addition, staff and security teams should remain vigilant for any suspicious activity, as well as people or vehicles on organizational premises or in the vicinity of health sector facilities. If any are identified, it is advised to notify local law enforcement immediately.
Additional Details:
On March 18, 2025, user @AXactual made a post on X with details related to the active planning of a coordinated, multi-city terrorist attack on United States health sector organizations. The details of the post can be reviewed at the above link to gain further insight into the specific nature of the threat.
Recommendations:
The AHA and Health-ISAC recommend that teams review security and emergency management plans and heighten staff awareness of the threat. Although the threat’s credibility cannot be verified at this time, physical security protocols and practices should be reviewed. Having a publicly visible security presence can help mitigate the risk of being a potential target. The post referencing the attacks states that the primary targets are mid-tier cities with low-security facilities. With the information claiming multiple simultaneous targets, they would likely select health sector facilities with visibly weak security and conduct prior planning to coordinate the attacks. It is common practice for individuals contemplating targeted acts of violence to conduct pre-attack surveillance and reconnaissance. Having a visible security presence can mitigate being chosen as a target during the planning phase of an attack.
Contact Us
Watch for further information from the AHA and Health-ISAC on this potential threat. Health-ISAC provides this information to prevent the successful exploitation and disruption of your security apparatus. For more information, see Health Industry Cybersecurity Practices (HICP): Managing Threats and Protecting Patients or contact our Risk Management team.
Related Resources: American Hospital Association (AHA) and Health Information Sharing and Analysis Center (Health-ISAC). “Potential Terror Threat Targeted at Health Sector: AHA and Health-ISAC Joint Threat Bulletin.” March 18, 2025. Link to PDF.
This content is for informational purposes only and not for the purpose of providing professional, financial, medical or legal advice. You should contact your licensed professional to obtain advice with respect to any particular issue or problem. Please refer to your policy contract for any specific information or questions on applicability of coverage.
Please note coverage can not be bound or a claim reported without written acknowledgment from a OneGroup Representative.