Cyberattack on AMEOS healthcare network may have exposed patient and employee data

AMEOS Group, one of Central Europe’s largest private healthcare providers, has confirmed a cybersecurity breach that may have compromised sensitive information belonging to patients, employees, and business partners.

In a public notice posted on its website, the Zurich-based organization acknowledged the unauthorized access to its IT systems and warned that personal and contact information could have been affected. The disclosure complies with Article 34 of the European Union’s General Data Protection Regulation (GDPR), which requires notification to individuals when their data may be at risk due to a breach.

“Despite our extensive security measures, unauthorized third parties were able to gain access to our IT systems,” AMEOS stated. “It cannot be ruled out that this data may be misused on the internet to the detriment of those affected or made accessible to third parties.”

The healthcare provider has not yet confirmed whether any data has been leaked or used maliciously. However, as a precautionary measure, AMEOS has shut down all internal and external network connections and deactivated its IT infrastructure. External cybersecurity and forensic specialists have been brought in to assist with the investigation and containment efforts.

AMEOS has also notified the relevant data protection authorities in Switzerland, Germany, and Austria and filed a criminal complaint with law enforcement.

The group operates more than 100 facilities, including hospitals, clinics, nursing homes, and rehabilitation centers, across the DACH region. With over 18,000 employees and more than 10,000 hospital beds, AMEOS generates annual revenue exceeding $1.4 billion, making it a critical player in the region’s healthcare ecosystem.

As of now, there is no evidence that the stolen data has been disseminated online, and no ransomware group has claimed responsibility for the intrusion. The organization did not confirm whether data encryption or a ransom demand was involved, leaving the exact nature and origin of the attack unknown.

AMEOS has urged anyone who has received care at its facilities to exercise caution against phishing emails and fraudulent activity. The investigation remains ongoing, and the company has pledged to provide further updates as more details emerge.