Data breach potential at Ameos Clinics: Information of patients and staff could be compromised
In a series of unsettling events, Ameos Group, one of the largest private clinic operators in the German-speaking world, has been hit by a cyberattack that affected several of its clinics in Saxony-Anhalt. The attack, which occurred at the beginning of July, has led to disruptions in digital systems and raised concerns about potential data breaches.
The hacker attack, suspected to be the work of pro-Russian groups, also affected websites of several ministries in the region. As a result, the rescue vehicle in the Harz could not reach Ameos hospitals due to disrupted deployment apps, leading to longer transport routes for emergency cases.
Following the cyberattack, all digital systems at Ameos were shut down as a precautionary measure to prevent further spread and to protect their IT infrastructure. However, it has been admitted that access to their systems could not be prevented during the attack. The data breach occurred due to unauthorized access by an unknown third party between February 14, 2025, and May 13, 2025.
While specific details about the compromised data are not fully disclosed, the breach involved certain systems within Ameos, which implies that sensitive data related to patients or internal operations may have been accessible to the attackers during that period. The shutdown of all digital systems indicates a severe incident meant to contain the breach and prevent data loss or further unauthorized access.
Currently, the incident is acknowledged with containment measures in place, but no detailed public report on the exact data compromised has been released yet. The situation reflects ongoing efforts to secure the affected systems and investigate the breach further.
In the meantime, patients and employees of Ameos are advised to be on the lookout for suspicious emails or other potential scams that may exploit the situation.
The repercussions of the cyberattack extend beyond the digital realm. The relocation of clinic areas from Staßfurt to Bernburg, which has sparked criticism, has been accelerated due to the IT outage. This move has raised questions about how emergencies get to the right hospital quickly, especially in Salzland County where the emergency room in Bernburg will only treat neurological emergencies in the future.
Restructuring plans in Salzland County have also raised concerns due to a lack of information and potential dismissals. Ongoing discussion for nearly 15 years about the preservation of the hospital location in Staßfurt adds to the uncertainty.
Despite these challenges, the situation in the emergency rooms in the Harz region has significantly improved after the IT problems in Halberstadt. The emergency rooms remain open, and no one will be turned away in an emergency.
As the situation unfolds, Ameos has filed a report on a possible data protection breach with the data protection office of Sachsen-Anhalt. The company is working diligently to address the issues and ensure the safety and well-being of its patients and employees.
[1] Source: TechCrunch, July 12, 2025 [2] Source: ZDNet, July 14, 2025
- The cyberattack on Ameos Group, a major private clinic operator in the German-speaking world, has raised concerns about potential data breaches related to medical-conditions and health-and-wellness, as sensitive patient data may have been compromised during unauthorized access between February 14, 2025, and May 13, 2025.
- In the midst of this incident, it's crucial for patients and employees of Ameos to be vigilant against suspicious emails or scams exploiting the situation, as these tactics could pose threats to their cybersecurity.
- The repercussions of the cyberattack are not confined to digital matters—it has also impacted Ameos's physical infrastructure, prompting the relocation of clinic areas and sparking discussions about emergency services and hospital locations, necessitating a focus on general-news and policy developments in health-and-wellness and technology.
