Skip to main content

Bell Ambulance Data Breach Investigation

Written by Joseph Lyon on . Posted in Data Breach.

The data breach lawyers at Lyon Firm are reviewing a reported data breach at Bell Ambulance that may have resulted in a large amount of personal data to be acquired by a cybercriminal group. Contact our legal team to discuss this more in depth and to consider filing a class action complaint following any instance of IT security negligence.

We have filed numerous data breach lawsuits on behalf of clients nationwide. We seek compensation for related damages and aim to hold any negligent company accountable for losses. Call for a free consultation.

What Happened at Bell Ambulance?

According to a notice posted on their website on February 13, 2025, Bell Ambulance became aware of unauthorized activity on its computer network. The company hired a third-party cybersecurity team to help investigate the incident and later concluded that a hacker did access certain files. Bell is in the process of determining the full scope of the breach, including the number of individuals impacted.

A cybercriminal group called MEDUSA has claimed responsibility for the attack, identifying it as a ransomware incident. On March 2, 2025, MEDUSA announced that they had obtained around 219 GB of Bell Ambulance data. They threatened to publish the stolen data if their demands were not met.

The following types of consumer information exposed in this data breach include names, dates of birth, Social Security numbers, driver’s license numbers, and financial account information. Compromised protected health information (PHI) may include medical information and health insurance details.

MEDUSA Ransomware Attacks

MEDUSA has not only claimed the Bell data breach this week, but also claimed a ransomware attack that targeted Albany College of Pharmacy and Health Sciences (ACPHS). ACPHS detected unusual activity and believes they were attacked between August 31, 2024 and September 14, 2024.

Albany College of Pharmacy has said in a notice that the following data could be compromised: names, dates of birth, birth certificates, account numbers, routing numbers, security codes, marriage certificates, mother’s maiden names, digital signatures, passport numbers, government identification numbers, Social Security numbers, taxpayer ID numbers, driver’s license numbers, payment card numbers, payment card expiration dates, alien registration numbers, usernames and passwords, and student information.