BELL Ambulance confirmed a February 2025 breach that impacted 237,830 individuals, exposing personal, financial, and health information. On 13 February 2025, it detected unauthorised access and engaged third‑party forensic specialists to determine the scope, with the company noting that an unauthorised individual had accessed data within the Bell network. The breach was disclosed on 14 April after the Medusa ransomware group claimed responsibility for the attack and the theft of over 219 GB of data.
Bell Ambulance completed its review on 20 February 2026, and revealed to the Maine Attorney General Office that attackers accessed its network between 7 and 14 February 2025; the organisation subsequently notified affected individuals in stages and issued a data breach notification letter.
In response, Bell reset all passwords, secured accounts, and offered 12 months of free credit monitoring and identity protection to those impacted, advising monitoring of credit reports and account statements for suspicious activity. The data breach notification letter shared with the Maine Attorney General Office is quoted in official communications, and the company emphasised a thorough review of impacted portions of its network to determine the information involved and its recipients.