Acadian Ambulance 2024 Data Breach

Acadian Ambulance Service Breach (2024): 2.5 Million Patient Records Including SSN Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

Daixin TeamRansomwareMedicalEmail AddressFull NamePhone NumberSocial Security Number
High SeverityWebsite / service breach

Acadian Ambulance Service Breach (2024): 2.5 Million Patient Records Including SSN Exposed

Ambulance, medical transport, and emergency response provider.

Verified by ObscureIQ Intelligence
77/100Breach Risk Index
28Data Value
40Market Recency
354dSince Breach

Breach Intelligence Summary

Entity: Acadian Ambulance · Actor: Daixin Team · Sources: 2 references
Attack: Ransomware
Profile: Healthcare provider · Emergency medical transport services · Regional ambulance and care network · USA
Timeline: Breach (2024-06-19) · Indexed (May 08, 2025) · Year (2024)
Exposure: 2.5M records · 4 fields: Email Address, Full Name, Phone Number, Social Security Number
Status: Reported

Executive Summary

Acadian Ambulance Service, a Louisiana-based private ambulance company serving roughly 24 million residents across four states, suffered a ransomware attack carried out by the Daixin Team between June 19 and June 21, 2024. The attackers gained unauthorized access to Acadian's network, exfiltrated patient files, and were detected on June 21 when the company isolated affected systems. Daixin Team demanded a $7 million ransom and claimed to have stolen 10 million records. Acadian countered with $173,000 and did not meet the demand. The company reported the breach to the U.S. Department of Health and Human Services on August 20, 2024, disclosing that approximately 2.9 million individuals were affected. The published record count stands at 2.5 million. The exposed data included names, Social Security numbers, dates of birth, phone numbers, medical record numbers, and treatment information collected during patient intake. For many people, contact with an ambulance service happens during a medical emergency, making this an unexpected source of credential exposure. Social Security numbers paired with medical and personal details create conditions for identity theft, medical fraud, and insurance abuse. Scammers can also use medical context to make targeted phishing attempts more convincing. Acadian began notifying affected individuals in November 2024 and offered complimentary credit monitoring through CyEx. A consolidated class-action lawsuit was subsequently filed against the company. Acadian moved to dismiss, arguing plaintiffs had not demonstrated actual harm, and a federal magistrate judge had not yet ruled on that motion as of mid-2025. Affected individuals should monitor their credit reports, review their health insurance statements for unfamiliar claims, and consider placing a fraud alert or security freeze with the major credit bureaus.

ObscureIQ assessment: Severe risk. This data supports identity theft, medical fraud, insurance abuse, and highly targeted scams that exploit medical vulnerability. Because ambulance providers often serve people in crisis, the downstream harm potential is especially high.

Breach Impact

Daixin Team ransomware attackers gained unauthorized access to Acadian's network between June 19 and June 21, 2024, exfiltrating data before Acadian detected the intrusion and isolated affected systems on June 21. Acadian's rapid response — activating backup systems and maintaining dispatch operations — prevented direct impact on patient care. The company reported the breach to HHS on August 20, 2024, disclosing that approximately 2.9 million individuals' protected health information was involved. Exposed data included names, Social Security numbers, dates of birth, medical record numbers, medical and treatment information, phone numbers, and employment data. Daixin Team demanded $7 million; Acadian countered with $173,000. The ransom demand was not met. Acadian began notifying affected individuals in November 2024 and offered complimentary credit monitoring through CyEx. A consolidated class-action lawsuit was filed, which Acadian subsequently moved to dismiss, arguing plaintiffs had not demonstrated actual harm. A federal magistrate judge had not yet ruled on that motion as of mid-2025.

About Acadian Ambulance

Acadian Ambulance Service is a Louisiana-based employee-owned private ambulance company founded in 1971, recognized as one of the largest private ambulance services in the United States. The company operates emergency and non-emergency transport, air medical services, and at-home medical care across Louisiana, Texas, Mississippi, and Tennessee, serving a combined population of approximately 24 million residents. Its operations require collecting extensive protected health information at the point of patient care.

Why They Hold Your Data

Medical transportation providers collect patient intake and transport records, including names, SSNs, dates of birth, addresses, and detailed medical information tied to emergency and non-emergency care.

Recent Developments

Acadian Ambulance has continued operating across its service territory following the 2024 breach. The company has engaged in post-incident security improvements. The consolidated class-action litigation and its attempted dismissal remain pending as of early 2026. No major structural changes have been reported beyond the breach response context.

Data Points Exposed

4 verified field types
Email Address
Full Name High
Phone Number
Social Security Number Critical

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Critical
Primary downstream threats:
  • Identity theft and synthetic identity construction using government-issued IDs
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
Threat vectors:
  • Phishing, credential stuffing & account takeover
  • Name-based social engineering
  • SIM swapping, vishing & SMS phishing
  • Full identity theft & synthetic identity fraud

Threat Actor: Daixin Team

Daixin Team
Ransomware

Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware.

Recommended Actions

If you believe your information may be included:

Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
IdentityTheft.gov
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Find 2FA settings
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
IdentityTheft.govReport to FTC

Frequently Asked Questions

What happened in the Acadian Ambulance breach?

Acadian Ambulance Service, a Louisiana-based private ambulance company serving roughly 24 million residents across four states, suffered a ransomware attack carried out by the Daixin Team between June 19 and June 21, 2024. The attackers gained unauthorized access to Acadian's network, exfiltrated…

What data was exposed?

Verified fields include Email Address, Full Name, Phone Number, Social Security Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation