- AMEOS Group hit by worrying cyberattack
- sensitive patient, employee, and partner information all lost in attack
- Users warned to be on their guard in case of threats or scams
Major European healthcare provider AMEOS Group has confirmed suffering a cyberattack in which it lost sensitive patient, employee, and partner information.
In a short announcement recently published on its website, the company said despite “extensive” security measures, it was unable to prevent a “brief” access to its IT systems.
During that “brief” outing, the attackers stole data belonging to patients, employees, and partners, as well as contact details related to individuals or companies. AMEOS did not discuss the data further, so we don’t know how extensive contact details are, or if healthcare or payment information had been stolen.
A warning to patients
“It cannot be ruled out that this data could be misused online or made accessible to third parties, potentially to the detriment of those affected,” the company stressed.
We also don’t know how many people are affected by the attack, just yet. However, AMEOS is a rather large healthcare provider, so it’s safe to assume this is a major incident.
The organization counts 18,000 staff members in more than 100 hospitals, clinics, rehabilitation centers, and nursing homes, operating across Central Europe - in Switzerland, Germany, and Austria, and is one of the largest private hospital groups in the broader DACH region, counting more than 10,000 beds and with annual revenue exceeding $1.4 billion.
It is safe to assume that the numbers of affected individuals will be published after a more thorough investigation.
AMEOS concluded its announcement by saying it took all the usual steps after an incident like this one: it disconnected its networks, shut down its IT infrastructure to contain the damage, brought in third-party IT and forensic experts, reinforced existing security measures, notified the police and relevant government authorities.
Finally, it urged customers to be wary of incoming emails:
“Attackers may use data such as email addresses to involve you in fraud schemes. Please be cautious of unauthorized, excessive, or suspicious-looking advertisements or job offers in your inbox.”
Via BleepingComputer
You might also like
- Interlock ransomware attacks highlight need for greater security standards on critical infrastructure
- Take a look at our guide to the best authenticator app
- We've rounded up the best password managers
