KINGSTON, Jamaica – Access Financial Services Limited (AFS) has sought to reassure its customers, shareholders and stakeholders that it maintains full control of its network and remains vigilant in monitoring the online space following a recent cybersecurity incident.

According to the company in a media release on Sunday, its investigation confirmed that the incident had resulted in a data breach. AFS said it has since notified the Office of the Information Commission (OIC), and a formal report was also made to the police.

“AFS first became aware of the cybersecurity incident on February 26, 2025, and immediately took steps to contain it. With the support of international cybersecurity consultants, the company disrupted the unauthorised access and secured its network. There has been no other security incident since. Investigations subsequently confirmed that unauthorised access to sensitive areas had resulted in a data breach from the incident. In keeping with the regulations under the Jamaica Data Protection Act, management formally notified the Office of the Information Commission (OIC) within the prescribed timeframe. A formal report was also made to the police,” the company said.

AFS continued that “ongoing cyber surveillance has revealed that personal data extracted, presumably from the company’s network, was released on the dark web on March 21, 2025, along with a posted ransom. No direct contact has been made with the company. Affected data subjects include clients and customers; however, the company is unable to confirm the nature of all the data that has been impacted.”

The company said its management is taking the necessary steps to inform stakeholders of this latest development, including data subjects and the OIC.

AFS further urged its clients and customers to monitor their accounts and online interactions for any unusual or suspicious activities.