European healthcare giant AMEOS reveals data breach - millions of users warned to be on their guard, here's what we know

2 weeks ago 5

(Image credit: Rawpixel / Pixabay)

AMEOS Group hit by worrying cyberattack
sensitive patient, employee, and partner information all lost in attack
Users warned to be on their guard in case of threats or scams

Major European healthcare provider AMEOS Group has confirmed suffering a cyberattack in which it lost sensitive patient, employee, and partner information.

In a short announcement recently published on its website, the company said despite “extensive” security measures, it was unable to prevent a “brief” access to its IT systems.

During that “brief” outing, the attackers stole data belonging to patients, employees, and partners, as well as contact details related to individuals or companies. AMEOS did not discuss the data further, so we don’t know how extensive contact details are, or if healthcare or payment information had been stolen.

A warning to patients

“It cannot be ruled out that this data could be misused online or made accessible to third parties, potentially to the detriment of those affected,” the company stressed.

We also don’t know how many people are affected by the attack, just yet. However, AMEOS is a rather large healthcare provider, so it’s safe to assume this is a major incident.

The organization counts 18,000 staff members in more than 100 hospitals, clinics, rehabilitation centers, and nursing homes, operating across Central Europe - in Switzerland, Germany, and Austria, and is one of the largest private hospital groups in the broader DACH region, counting more than 10,000 beds and with annual revenue exceeding $1.4 billion.

It is safe to assume that the numbers of affected individuals will be published after a more thorough investigation.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

AMEOS concluded its announcement by saying it took all the usual steps after an incident like this one: it disconnected its networks, shut down its IT infrastructure to contain the damage, brought in third-party IT and forensic experts, reinforced existing security measures, notified the police and relevant government authorities.

Finally, it urged customers to be wary of incoming emails:

“Attackers may use data such as email addresses to involve you in fraud schemes. Please be cautious of unauthorized, excessive, or suspicious-looking advertisements or job offers in your inbox.”

Via BleepingComputer

Interlock ransomware attacks highlight need for greater security standards on critical infrastructure
Take a look at our guide to the best authenticator app
We've rounded up the best password managers

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read Entire Article