Two separate data breaches in the U.S. have exposed sensitive information of more than 236,000 people. These incidents involve two organizations: Endue Software in New York and Medical Express Ambulance (MedEx) in Illinois.

Endue Software creates software used by infusion centers, which help treat patients with medication delivered directly into their bloodstream. In February this year, the company found that hackers had broken into its system. This breach led to the exposure of personal details of around 118,000 individuals. The leaked information included full names, birth dates, Social Security numbers, and unique medical record identifiers. While there is currently no proof that the stolen data has been used illegally, the company isn’t taking any chances. It has added more safety tools and measures to its systems. It is also offering one year of free credit monitoring and identity protection to help affected people stay safe from fraud.

In a different case, MedEx, a private ambulance service provider based in Illinois, reported that it was also hit by a cyberattack. This breach happened last year, but the details have recently come to light. Information belonging to more than 118,000 people was accessed by attackers. The data included health records, insurance information, and even passport numbers in some cases.

These events are part of a larger pattern of cyberattacks targeting the healthcare industry in the U.S. In recent months, major organizations like UnitedHealth Group and Ascension Health have also suffered large-scale data breaches. Cybercriminals often go after hospitals and medical companies because the data they store is very valuable and can be used for scams or identity theft.

Both Endue and MedEx are working with cybersecurity experts to investigate the breaches and improve their systems. People affected by these incidents are being advised to be extra cautious. They should use the free protection services, monitor their bank and credit accounts, and immediately report anything unusual.