European healthcare giant AMEOS reveals data breach - millions of users warned to be on their guard, here's what we know


  • AMEOS Group hit by worrying cyberattack
  • Sensitive patient, employee, and partner information all lost in attack
  • Users warned to be on their guard in case of threats or scams

Major European healthcare provider AMEOS Group has confirmed suffering a cyberattack in which it lost sensitive patient, employee, and partner information.

In a short announcement recently published on its website, the company said that despite “extensive” security measures, it was unable to prevent “brief” access to its IT systems.

During that “brief” intrusion, the attackers stole data belonging to patients, employees, and partners, as well as contact details related to individuals or companies. AMEOS did not discuss the data further, so we don’t know how extensive the contact details are, or whether healthcare or payment information was stolen.


A warning to patients

“It cannot be ruled out that this data could be misused online or made accessible to third parties, potentially to the detriment of those affected,” the company stressed.

We also don’t yet know how many people are affected by the attack. However, AMEOS is a rather large healthcare provider, so it’s safe to assume this is a major incident.

The organization counts 18,000 staff members in more than 100 hospitals, clinics, rehabilitation centers, and nursing homes across Central Europe, in Switzerland, Germany, and Austria. It is one of the largest private hospital groups in the broader DACH region, with more than 10,000 beds and annual revenue exceeding $1.4 billion.

It is safe to assume that the number of affected individuals will be published after a more thorough investigation.

AMEOS concluded its announcement by saying it took all the usual steps after an incident like this one: it disconnected its networks, shut down its IT infrastructure to contain the damage, brought in third-party IT and forensic experts, reinforced existing security measures, and notified the police and relevant government authorities.

Finally, it urged customers to be wary of incoming emails:

“Attackers may use data such as email addresses to involve you in fraud schemes. Please be cautious of unauthorized, excessive, or suspicious-looking advertisements or job offers in your inbox.”

Via BleepingComputer


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
