MedEx Ambulance reports data breach affecting over 118,000 individuals
Learn More
Medical Express Ambulance Inc. (MedEx), based in Skokie, Illinois, is reporting a data breach potentially exposing sensitive health and personal information of 118,418 individuals.
MedEx detected a network disruption affecting system functionality on March 18, 2024. MedEx disconnected network access and hired cybersecurity experts to investigate. The investigation was completed on January 30, 2025 and the final list of affected individuals was compiled March 19, 2025. Exposed data includes:
- Names
- Dates of birth
- Demographic information
- Social Security numbers
- Driver's license and state ID numbers
- Medical information
- Financial information
- Health insurance details
- Usernames and passwords
- Passport information (for some individuals)
The nature of the attack is not disclosed.
Notification letters were mailed to affected individuals on April 14, 2025. MedEx is offering affected individuals 12 months of credit monitoring and identity theft protection services.
MedEx claims it is unaware of any misuse of the compromised information at this time, but the extended period between breach discovery and notification (over one year) raises concerns about potential unauthorized access during this window.
