The AMEOS Group, which operates over 100 hospitals across Europe, has taken unprecedented measures by shutting down its entire network after suffering a significant cyber attack. The Swiss-owned organization reported that unknown attackers gained access to its IT systems, potentially compromising sensitive patient health records and data related to its business partners.
In a statement released on Wednesday, the AMEOS Group announced that all internal and external network connections have been severed as part of a controlled shutdown process. The organization emphasized that IT and forensic service providers were called in immediately to evaluate the extent of the breach and to implement stricter security measures. More details remain scarce at this time, as the network remains offline.
In compliance with the European Union’s stringent General Data Protection Regulation (GDPR), AMEOS promptly informed its over 18,000 employees and an estimated 500,000 patients and suppliers about the incident. While the organization warned of potential unauthorized access to personal and company data, communication to their leadership was hampered, with calls going directly to voicemail.
While there have been no indications yet of the stolen data being posted on ransomware forums, AMEOS has advised both patients and employees to remain vigilant. The organization cautioned that attackers could utilize the stolen information to trick individuals into scams, urging them to be wary of suspicious emails and offers. The incident may also be tied to recent vulnerabilities in Microsoft SharePoint, which have affected numerous companies across different sectors.
Healthcare facilities have increasingly become prime targets for cybercriminals, often due to the critical nature of their services. Previous attacks have disrupted essential medical treatments, illustrating the dangers posed to patient safety and data security in a sector where the stakes are exceptionally high.