AMS, a leading provider of emergency medical rescue services, today announces that it has experienced a data breach that compromised a small number of patient records, vendor information and other sensitive company data. The breach was discovered on 19 July 2024, and immediate steps were taken to contain the incident and mitigate its impact.
What Happened?
On 19 July 2024, our IT security team identified unusual activity within our network. Upon further investigation, it was confirmed that unauthorized access to our systems had occurred, resulting in the exposure of confidential information contained in a small number of mailboxes.
What Information Was Involved?
The exposed data includes patient names, contact information, medical histories, and in a limited number of cases, banking and employer details as well. Additionally, some internal company data was accessed containing information regarding our vendors and staff. We are currently working to determine the full scope of the breach.
Compliance with POPI Act
We are committed to complying with the Protection of Personal Information Act (POPIA) of South Africa, which mandates the protection of personal information processed by public and private bodies. This breach is a serious violation of the privacy rights enshrined in the POPI Act, and we are taking all necessary measures to address this incident in accordance with the Act’s requirements1.
What Are We Doing?
We take the security of our patients’, vendor and staff information very seriously. Upon discovering the breach, we immediately engaged our IT advisory experts to assist in our response and to enhance our security measures. We have also notified the Information Regulator and we will cooperate fully with their investigations. Where we have their contact information, we will personally be notifying each patient who could potentially be affected by this breach.
What You Can Do
We recommend that our patients monitor their credit records for any unusual activity. South Africa’s credit bureaus all offer free credit reports and we encourage you to make use of this facility. You can also place fraud alerts of your credit profiles to instruct creditors to take extra steps to verify your identity before extending credit. If you notice anything suspicious, please contact the financial institution involved immediately.
Our Commitment
We deeply regret any inconvenience or concern this incident may cause. AMS is committed to maintaining the trust and confidence of our patients and partners. We are taking all necessary steps to prevent such incidents from occurring in the future and to protect the privacy and security of our data.
For further information, please contact:
Venessa Horn
PR and Information Officer
amsio@ams.org.za