Data Breaches 238,000 Impacted by Bell Ambulance Data Breach Hackers stole personal information such as names, Social Security numbers, and driver’s license numbers. By Ionut Arghire | March 11, 2026 (9:34 AM ET) Flipboard Reddit Whatsapp Whatsapp Email Ambulance services provider Bell Ambulance is notifying nearly 238,000 individuals that their personal, financial account, medical, and health insurance information was compromised in a February 2025 data breach. The Milwaukee, Wisconsin-based healthcare organization detected the network intrusion on February 13, 2025, and disclosed the incident on April 14, roughly a month after the Medusa ransomware gang claimed responsibility for it. Bell Ambulance said at the time that 114,000 people had been impacted. This week, Bell Ambulance notified the Maine Attorney General’s Office that hackers had access to its network between February 7 and February 14, 2025. The organization told the Maine AGO that it has sent notification letters to 237,830 individuals who were affected by the data breach. A copy of the notification letter submitted to the Maine AGO shows that Bell completed its investigation into the compromised information on February 20, 2026. The compromised information, the organization said last year, includes names, Social Security numbers, dates of birth, and driver’s license numbers, along with financial account and medical and health insurance information. Advertisement. Scroll to continue reading. “In response to this event, Bell secured its network, reset passwords, secured all accounts, and conducted a full investigation into the incident,” the organization said in its incident notice. Bell Ambulance is providing the impacted individuals with 12 months of free credit monitoring and identity protection services and is encouraging them to remain vigilant of potential fraud and identity theft incidents. In March last year, the Medusa ransomware group claimed the theft of 219.50 GB of data from Bell Ambulance. The threat actor has since published the allegedly stolen data, which suggests that the organization did not pay a ransom. Related: Michelin Confirms Data Breach Linked to Oracle EBS Attack Related: Thousands Affected by Ericsson Data Breach Related: New LexisNexis Data Breach Confirmed After Hackers Leak Files Related: 1.2 Million Affected by University of Hawaii Cancer Center Data Breach Written By Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire Microsoft Patches 83 Vulnerabilities Adobe Patches 80 Vulnerabilities Across Eight Products SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities Escape Raises $18 Million to Automate Pentesting Recent Ivanti Endpoint Manager Flaw Exploited in Attacks ClickFix Attack Uses Windows Terminal to Evade Detection Internet Infrastructure TLD .arpa Abused in Phishing Attacks Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign Latest News Scanner Raises $22 Million for AI-Powered Threat Hunting OpenAI to Acquire AI Security Startup Promptfoo Fortinet, Ivanti, Intel Patch High-Severity Vulnerabilities How to 10x Your Vulnerability Management Program in the Agentic Era Michelin Confirms Data Breach Linked to Oracle EBS Attack Quantro Security Emerges From Stealth With $2.5 Million in Funding ‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Moxa, Mitsubishi Electric Trending Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Securing Fragile OT in an Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Virtual Event: Supply Chain Security and Third-Party Risk Summit March 18, 2026 Join the event where top security experts unpack the biggest software supply chain risks. Register People on the Move Ed Jennings has been appointed President and CEO at Darktrace. Ironscales has appointed Steven Malone as CSO and Amit Bluman as SVP of Research & Development. Synack has appointed Angela Heindl-Schober Chief Marketing Officer. More People On The Move Expert Insights How to 10x Your Vulnerability Management Program in the Agentic Era The evolution of vulnerability management in the agentic era is characterized by continuous telemetry, contextual prioritization and the ultimate goal of agentic remediation. (Nadir Izrael) SIM Swaps Expose a Critical Flaw in Identity Security SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts. (Torsten George) Four Risks Boards Cannot Treat as Background Noise The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. (Steve Durbin) How to Eliminate the Technical Debt of Insecure AI-Assisted Software Development Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable. (Matias Madou) Security in the Dark: Recognizing the Signs of Hidden Information Security failures don’t always start with attackers, sometimes they start with missing truth. (Joshua Goldfarb) Flipboard Reddit Whatsapp Whatsapp Email