Bell Ambulance breach impacts over 237K

Bell Ambulance, which is Wisconsin's leading ambulance provider, had information from 237,830 individuals stolen after its systems were compromised in a February 2025 cyberattack claimed by the Medusa ransomware-as-a-service operation, according to The Record, a news site by cybersecurity firm Recorded Future.

Infiltration of Bell Ambulance's systems allowed threat actors to pilfer individuals' Social Security numbers, financial accounts, driver's license numbers, medical details, and health insurance information, said the company in breach notices filed with Maine regulators. While Bell Ambulance noted delivery of breach notifications beginning in April, additional victims have been identified throughout the fall. Such a development comes more than a year after Medusa sought $400,000 in ransom payments over its alleged theft of 219 GB of data from Bell Ambulance.

Over 300 critical infrastructure organizations have already been targeted by Medusa since its emergence in June 2021, noted an FBI alert released a month after the Bell Ambulance hack.