December 2025
The Bank of Cyprus Oncology Centre confirms that a malicious third party has proceeded with the unauthorized publication of certain data that were unlawfully extracted from its systems. This negative development confirms that the initial indications were accurate and that an actual data breach occurred.
Since the incident was identified, the Centre has been cooperating with the Police, with the Office of the Commissioner for Personal Data Protection, and the Digital Security Authority, and has been working closely with specialized teams of engineers and cybersecurity consultants.
It has now been confirmed that the perpetrators of the malicious attack have unfortunately gained access to patients' personal data as well as employee data, which they are threatening to further disclose to the media and on social media.
The Centre's management team is handling the case in full coordination with and in accordance with the instructions of the state authorities. At the same time, additional measures have been implemented to enhance the security of its systems.
The Centre is committed to resolving the situation and protecting the personal data of its patients and employees. Its operations continue as normal.