SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

238,000 Impacted by Bell Ambulance Data Breach

Hackers stole personal information such as names, Social Security numbers, and driver’s license numbers.
Healthcare data breach

Ambulance services provider Bell Ambulance is notifying nearly 238,000 individuals that their personal, financial account, medical, and health insurance information was compromised in a February 2025 data breach.

The Milwaukee, Wisconsin-based healthcare organization detected the network intrusion on February 13, 2025, and disclosed the incident on April 14, roughly a month after the Medusa ransomware gang claimed responsibility for it. Bell Ambulance said at the time that 114,000 people had been impacted. 

This week, Bell Ambulance notified the Maine Attorney General’s Office that hackers had access to its network between February 7 and February 14, 2025.

The organization told the Maine AGO that it has sent notification letters to 237,830 individuals who were affected by the data breach.

A copy of the notification letter submitted to the Maine AGO shows that Bell completed its investigation into the compromised information on February 20, 2026.

The compromised information, the organization said last year, includes names, Social Security numbers, dates of birth, and driver’s license numbers, along with financial account and medical and health insurance information.

Advertisement. Scroll to continue reading.

“In response to this event, Bell secured its network, reset passwords, secured all accounts, and conducted a full investigation into the incident,” the organization said in its incident notice.

Bell Ambulance is providing the impacted individuals with 12 months of free credit monitoring and identity protection services and is encouraging them to remain vigilant of potential fraud and identity theft incidents.

In March last year, the Medusa ransomware group claimed the theft of 219.50 GB of data from Bell Ambulance. The threat actor has since published the allegedly stolen data, which suggests that the organization did not pay a ransom.

Related: Michelin Confirms Data Breach Linked to Oracle EBS Attack

Related: Thousands Affected by Ericsson Data Breach

Related: New LexisNexis Data Breach Confirmed After Hackers Leak Files

Related: 1.2 Million Affected by University of Hawaii Cancer Center Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar: A Step-by-Step Approach to AI Governance
April 28, 2026

With "Shadow AI" usage becoming prevalent in organizations, learn how to balance the need for rapid experimentation with the rigorous controls required for enterprise-grade deployment.

Register

Virtual Event: Threat Detection and Incident Response Summit
May 20, 2026

Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization.

Register

People on the Move

Neill Feather has been named Chief Executive Officer at Point Wild.

Oasis Security has appointed Michael DeCesare as President.

Sterling Wilson has joined IGEL as Global Field CTO, Business Continuity and Disaster Recovery.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.