Bell Ambulance and Alabama Ophthalmology Associates have suffered data breaches affecting over 100,000 people after being targeted in ransomware attacks.

One of them is Milwaukee, WI-based Bell Ambulance, which provides ambulance services in the area. The company revealed last week in a data security notice that it detected a network intrusion on February 13, 2025.

An investigation showed that hackers gained access to files containing information such as name, date of birth, SSN, and driver’s license number, as well as financial, medical and health insurance information.

Bell Ambulance did not say in its public notice how many individuals are impacted, but the Department of Health and Human Services (HHS) data breach tracker revealed on Monday that 114,000 people are affected.

The Medusa ransomware group announced hacking Bell Ambulance in early March, claiming to have stolen more than 200 Gb of data from its systems.

The second healthcare organization to confirm a data breach impacting more than 100,000 people is Birmingham, AL-based ophthalmology practice Alabama Ophthalmology Associates.

Attacks using this ransomware have displayed consistent TTPs and grown steadily since 2023.

The prolific Medusa ransomware group claims to have stolen troves of data from HCRG, including patients’ sensitive health data

The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting France, Italy, the United States, Canada, Spain, the United Kingdom, and Turkey.

Toyota Financial Services (TFS) has confirmed that it detected unauthorized access on some of its systems in Europe and Africa after Medusa ransomware claimed an attack on the company.

While the main trend in the cyber threat landscape in recent months has been MoveIt and Cl0p, NCC Groups’ Cyber Incident Response Team have also been handling multiple different ransomware groups over the same period.

In the ever-evolving cybersecurity landscape, one consistent trend witnessed in recent years is the unsettling rise in ransomware attacks. These nefarious acts of digital extortion have left countless victims scrambling to safeguard their data, resources, and even their livelihoods. To counter this threat, every person in the cyber security theatre has a responsibility to shine light on current threat actor Tactics, Techniques and Procedures (TTP’S) to assist in improving defences and the overall threat landscape.

It took two years of middle school girls accusing their Minneapolis English teacher of eyeballing their bodies in a “weird creepy way,” for district investigators to substantiate their complaints.

Their drawn-out response is revealed in confidential and highly sensitive Minneapolis Public Schools investigative records that are now readily available online — just one folder in a trove of tens of thousands of leaked files that outline campus rape cases, child abuse inquiries, student mental health crises and suspension reports.

The Medusa ransomware gang is demanding a $1,000,000 ransom from the Minneapolis Public Schools (MPS) district to delete data allegedly stolen in a ransomware attack.

A ransomware operation known as Medusa has begun to pick up steam in 2023, targeting corporate victims worldwide with million-dollar ransom demands.