Home > Security > Security News

Medusa Extorts Bell Ambulance with 210GB Data

Published
Written by:
Vishwa Pandagle
Vishwa Pandagle
Cybersecurity Staff Editor
MedusaLocker
Created using Copilot | Powered by DALL.E 3

The Medusa ransomware group has claimed responsibility for targeting a U.S.-based emergency and non-emergency medical services company. The group named Bell Ambulance, Inc. on the dark web and placed a deadline of 7 days for ransom payment.

They exfiltrated 210.50GB of data allegedly from the ambulance service provider and posted about it on March 2, 2025. 

Dark Web Claim About Bell Ambulance Posted by the Medusa Ransomware Group.
Dark Web Claim About Bell Ambulance Posted by Medusa | Source: FalconFeeds.io/ X

The dark web ransomware claim had received 26 views at the time it was shared by the threat intelligence platform, FalconFeeds on March 3rd. 

We approached the company with the threat intelligence post about Medusa’s claim. We will update this report after receiving a response.

Bell Ambulance, Inc. has been operating since 1977 and offers 82 ambulances for Basic Life Support (BLS) emergency and non-emergency 911 services. They also offer services for ALS Paramedic emergencies and the Children’s Wisconsin Critical Care Transport Team. 

Bell Ambulance has over 700 employees and annually receives over 120,000 calls.

The company has not made any announcements mentioning a security incident on its website. Nor has there been any update about services being disrupted. 

The Names of Companies Allegedly Extorted by Medusa.
Names of Companies Allegedly Extorted by Medusa | Source: FalconFeeds.io

The Medusa group has been naming targeted companies on the dark web and trying to extort them with stolen information. Among the recently named companies were Mundelein Park & Recreation District, Laurens County School District 56, Heartland Health Center Inc, and Aurora Broadworks.

Medusa gave a deadline of 14 to 11 days for ransom payment to the U.S.-based companies which included educational and healthcare service providers.

The targeting pattern of Medusa points toward desperation in extorting victims and exploiting vulnerable sectors that could be pressured into ransom payment keeping their services in mind.


Add a Comment
Related
Singapore’s HomeTeamNS that Serves the Police Force Confirmed a Ransomware Attack
Crime Records and Bank Accounts Allegedly from Wayne County Hacked by the Interlock Ransomware Group
Termite Ransomware Leaked IVF Clinic Genea Patient Data on the Dark Web
INC Ransomware Leaks Videos of Sleeping Patients Allegedly from Persante Health Care
Brain Cipher Behind the Alleged Pulmonary Physicians of South Florida Ransomware Attack 
Bayhealth Medical Center Data Breach Claimed by Rhysida, Announced in Consumer Notice 
Most Popular
Without a PC, Locked iPhones can now be Reset and Erased
iOS Kernel Zero-Day Vulnerability Exploited in Sophisticated ‘Trigon’ Hack
Polish Space Agency Targeted by Cyberattack Acknowledged by Government
Cellebrite Zero-Day Exploit Used by Local Authorities to Unlock Serbian Activist's Phone
Singapore’s HomeTeamNS that Serves the Police Force Confirmed a Ransomware Attack
Oscar Winners 2025
Oscar Winners 2025: From Anora to The Brutalist and more, get the full list 
Crime Records and Bank Accounts Allegedly from Wayne County Hacked by the Interlock Ransomware Group
iOS Kernel Zero-Day Vulnerability Exploited in Sophisticated ‘Trigon’ Hack
Polish Space Agency Targeted by Cyberattack Acknowledged by Government
Cellebrite Zero-Day Exploit Used by Local Authorities to Unlock Serbian Activist's Phone
Singapore’s HomeTeamNS that Serves the Police Force Confirmed a Ransomware Attack
Oscar Winners 2025: From Anora to The Brutalist and more, get the full list 
Crime Records and Bank Accounts Allegedly from Wayne County Hacked by the Interlock Ransomware Group

Most Popular
Without a PC, Locked iPhones can now be Reset and Erased
iOS Kernel Zero-Day Vulnerability Exploited in Sophisticated ‘Trigon’ Hack
Polish Space Agency Targeted by Cyberattack Acknowledged by Government
Cellebrite Zero-Day Exploit Used by Local Authorities to Unlock Serbian Activist's Phone
Singapore’s HomeTeamNS that Serves the Police Force Confirmed a Ransomware Attack
Oscar Winners 2025
Oscar Winners 2025: From Anora to The Brutalist and more, get the full list 
Crime Records and Bank Accounts Allegedly from Wayne County Hacked by the Interlock Ransomware Group
iOS Kernel Zero-Day Vulnerability Exploited in Sophisticated ‘Trigon’ Hack
Polish Space Agency Targeted by Cyberattack Acknowledged by Government
Cellebrite Zero-Day Exploit Used by Local Authorities to Unlock Serbian Activist's Phone
Singapore’s HomeTeamNS that Serves the Police Force Confirmed a Ransomware Attack
Oscar Winners 2025: From Anora to The Brutalist and more, get the full list 
Crime Records and Bank Accounts Allegedly from Wayne County Hacked by the Interlock Ransomware Group

© 2025 TechNadu, a part of Leaprove Media LLP. All Rights Reserved.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: