MedEx
Data Breach Class Action Lawsuit

Posted: April 15, 2025 -- Attention, victims of the MedEx data breach.

Abington Cole + Ellery is investigating the data breach recently announced by MedEx.

MedEx Data Breach Summary:

Approximately 118,000 individuals were affected by the MedEx data breach.

Breached data may include, but is not necessarily limited to: full names, dates of birth, demographic data, Social Security numbers, driver’s license numbers, medical data, financial data, health insurance data, usernames and passwords, and passport data for some.

On March 18, 2024, MedEx Ambulance Service, based in Skokie, Illinois, experienced a network disruption affecting certain systems, leading to a data security incident. The company disconnected all network access and engaged a cybersecurity firm to investigate, finding evidence of unauthorized access to some files. The breach potentially exposed sensitive information, including names, dates of birth, Social Security numbers, and medical details. MedEx is notifying affected individuals by mail and providing credit monitoring and identity theft restoration services for those with impacted Social Security numbers. The company has enhanced security measures, such as changing credentials and adding security tools, with no reports of misuse as of May 2, 2024. As of April 15, 2025, MedEx continues to investigate, and the exact number of affected individuals remains unclear. The evidence leans toward the breach being a significant cybersecurity event, but further details on how it occurred are not publicly available.

MedEx implemented several measures to address the breach and enhance security. These include changing administrative credentials, notifying law enforcement, enhancing network security, disconnecting all network access, implementing an organization-wide credential reset, and adding additional security tools. These actions reflect a comprehensive approach to securing the environment and preventing further unauthorized access.

To support affected individuals, MedEx is offering complimentary credit monitoring and identity theft restoration services for those whose Social Security numbers were impacted, with enrollment information provided by mail. The company is also notifying affected individuals as information becomes available, ensuring compliance with legal notification requirements.

As a result of the data breach, MedEx is offering 12 months of free credit monitoring and/or identity theft protection services to some affected individuals.

Additional information about the MedEx data breach may be found here: MedEx Data Breach Notification, and here: MedEx Notice of Data Security Incident.

About MedEx:

MedEx Ambulance Service operates as a medical transportation provider based in Skokie, Illinois, with a history spanning over two decades since its founding in 1998. The organization offers a range of services, including emergency and non-emergency ground ambulance transport, critical care transfers, and air ambulance coordination through partnerships. Its operations cover the Chicagoland area, serving hospitals, healthcare facilities, and communities with a fleet of vehicles equipped for basic life support, advanced life support, and specialized care needs. MedEx maintains facilities in Skokie and Chicago, with a communications center and administrative offices supporting round-the-clock dispatch.

The company emphasizes staff development through education programs, offering training in areas such as trauma care, pediatric care, and cardiac care for its emergency medical personnel. MedEx provides a free EMT education program for individuals pursuing certification, covering emergency medical care and preparing students for national exams. The organization employs paramedics, EMTs, registered nurses, dispatchers, and administrative staff, fostering a team-oriented environment. Its leadership has been recognized within the industry, with affiliations to professional associations like the American Ambulance Association.

MedEx integrates technology into its operations, using computer-aided dispatch systems and cardiac monitors to support patient care. The organization collaborates with healthcare institutions, including pediatric and university hospitals, to facilitate patient transfers and medical transport.

The MedEx Website may have additional information about or provide periodic updates regarding the data breach.

For more information about steps you can take to possibly reduce the chances harm arising from a data breach, please review the following article: What are some steps you can take if you've been the victim of a data breach?

If you believe you are a victim of the MedEx data breach, and if you would like to volunteer to serve as a class representative in a class action lawsuit regarding this data breach, please submit your information via the form on this webpage. This website is not associated with nor authorized by MedEx or any affiliated companies. If you have received any other data breach notifications, you may to review Abington Cole + Ellery's current list of data breach investigations.