Skip to main content

Acadian Ambulance Data Breach Investigation

Written by Joseph Lyon on . Posted in Data Breach.

The Lyon Firm is investigating data breach claims on behalf of plaintiffs nationwide who may have been impacted by a recent ransomware attack, targeting the network at Acadian Ambulance Services. The cyberattack has allegedly compromised the protected health and personal information of millions of patients.

What happened at Acadian Ambulance Services?

Acadian Ambulance has confirmed that it was the victim of a cyberattack in June 2024 that disrupted certain computer systems. Acadian has said that they learned of a ransomware attack after detecting suspicious network activity that disrupted their IT systems.

The Daixin Team ransomware group has claimed responsibility for this particular attack and has apparently demanded $7 million in ransom. The group says to pay the ransom or they will publish the stolen health information of 11 million customers, as well as employee data records. The stolen data allegedly includes the following:

  • Social Security Numbers
  • Names
  • Dates of birth
  • Medical record numbers
  • Medical and treatment information
  • Phone numbers
  • Employment information

Based in Lafayette, Louisiana, Acadian is one of the largest private ambulance services companies in the country, serving over 20 million people in Louisiana, Mississippi, Tennessee, and Texas.

The ambulance services company says they responded to the attack by shutting down impacted systems and activating backups. Such actions may have prevented a greater impact on patient care, but the trove of stolen personal data could not be retrieved. Acadian then hired a third-party cybersecurity team to investigate the cyberattack. After an investigation, the ambulance services company will contact impacted individuals with more details.

Acadian has not confirmed much of what Daixin has claimed, but they have also not refuted the seriousness of the attack. It is critical for any impacted individuals to understand the risks of a data theft event. When PHI and other data is leaked, victims may be at increased risk of fraud and medical identity theft.

Ambulance services and other healthcare companies are big targets for cybercriminals due to the amount of personal information the companies collect and store on company servers.

In May 2024, DocGo Inc., another ambulance service operating in 30 U.S. states, reported a cybersecurity incident. A year earlier, in May 2023, Superior Air-Ground Ambulance Service, an Illinois-based service, was hit with a cyberattack that leaked the personal data of 858,000 people. MedStar Mobile Healthcare also reported a ransomware attack that impacted hundreds of thousands of individuals.

Daixin Team has been known to exploit VPN vulnerabilities, compromised VPN credentials, and VPNs without multi-factor authentication. The ransomware group obtains credentials via malicious email attachments and resets passwords.

Contact our data breach lawyers following any data theft incident that impacts you or a loved one. Call for a free consultation, and to learn more about filing class action data breach claims. We can assist you in the aftermath of any data privacy intrusion, and guide you through the legal process if you choose to pursue this route.