Two Major Healthcare Ransomware Attacks Expose Data of Over 245,000 Patients Two U.S. healthcare organizations have confirmed ransomware attacks resulting in data breaches affecting more than 245,000 individuals. Both incidents involved the theft of sensitive personal and medical information. Bell Ambulance (Milwaukee, WI) Bell Ambulance, a Wisconsin-based emergency medical services provider, detected a network intrusion on February 13, 2025. An investigation revealed that hackers accessed files containing names, dates of birth, Social Security numbers (SSNs), driver’s license details, financial data, medical records, and health insurance information. While the company did not disclose the number of affected individuals, the U.S. Department of Health and Human Services (HHS) breach tracker later reported 114,000 impacted patients. The Medusa ransomware group claimed responsibility in early March, alleging the theft of over 200 GB of data. Alabama Ophthalmology Associates (Birmingham, AL) The Birmingham-based ophthalmology practice disclosed a breach on April 10, 2025, after detecting unauthorized access on January 30. Forensic analysis determined that hackers had infiltrated its systems as early as January 22, compromising patient data including names, addresses, dates of birth, driver’s license numbers, SSNs, medical records, and health insurance details. The BianLian ransomware group claimed the attack on February 19, and the HHS breach tracker confirmed 131,000 affected individuals. These incidents contribute to a growing trend of healthcare cyberattacks, with over 700 breaches reported in the U.S. last year, exposing more than 180 million records. Both organizations are among the latest high-profile targets in an ongoing wave of ransomware threats against the healthcare sector.