Alpine ENT Data Breach Exposes 65,648 Patients’ Sensitive Information
Alpine Ear, Nose & Throat (Alpine ENT), a Colorado-based healthcare provider with clinics in Fort Collins, Loveland, and Greeley, confirmed a November 2024 data breach affecting 65,648 individuals. The compromised data includes names, Social Security numbers, credit card details (including CVCs and expiration dates), financial account information, medical records, health insurance data, dates of birth, and demographic information.
The ransomware group BianLian claimed responsibility for the attack in December 2024, alleging it exfiltrated financial, human resources, and patient data. Alpine has not verified the group’s claims, nor has it disclosed how the breach occurred, whether a ransom was paid, or the attackers’ demands. The organization first acknowledged the incident in a January 2025 website notice but only recently revealed the full scope of the breach.
Alpine’s forensic investigation concluded that unauthorized access occurred on November 19, 2024, with affected individuals notified in early 2025. The company is offering free credit monitoring through IDX, with enrollment open until April 30, 2026.
BianLian, a ransomware group active since late 2021, specializes in data theft and extortion rather than system encryption. The group has claimed 92 confirmed breaches, exposing over 6.17 million records, with healthcare organizations including hospitals and clinics making up more than half of its targets. Recent healthcare victims include St. Clair Orthopaedics and Sports Medicine (340,000 records), Mid-Florida Primary Care (16,435 records), and Aspire Rural Health System (138,386 records).
The breach adds to a growing trend of ransomware attacks on U.S. healthcare providers. In 2024, researchers recorded 179 such incidents, compromising 28.7 million records. While 2025 has seen 110 reported attacks so far, some may still go unreported. These attacks disrupt critical systems, forcing hospitals to cancel appointments, divert patients, or revert to manual record-keeping, posing risks to patient safety and data security.
Alpine Ear, Nose, and Throat cybersecurity rating report: https://www.rankiteo.com/company/alpine-ear-nose-and-throat
"id": "ALP1770065797",
"linkid": "alpine-ear-nose-and-throat",
"type": "Ransomware",
"date": "11/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '65,648',
'industry': 'Healthcare',
'location': 'Fort Collins, Loveland, Greeley, '
'Colorado, USA',
'name': 'Alpine Ear, Nose & Throat (Alpine ENT)',
'type': 'Healthcare Provider'}],
'customer_advisories': 'Free credit monitoring offered through IDX until '
'April 30, 2026',
'data_breach': {'data_exfiltration': 'Yes (alleged by BianLian)',
'number_of_records_exposed': '65,648',
'personally_identifiable_information': 'Names, Social '
'Security numbers, '
'dates of birth, '
'demographic '
'information',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Financial Data',
'Medical Records',
'Health Insurance Data']},
'date_detected': '2024-11-19',
'date_publicly_disclosed': '2025-01',
'description': 'Alpine Ear, Nose & Throat (Alpine ENT), a Colorado-based '
'healthcare provider, confirmed a November 2024 data breach '
'affecting 65,648 individuals. The compromised data includes '
'names, Social Security numbers, credit card details, '
'financial account information, medical records, health '
'insurance data, dates of birth, and demographic information. '
'The ransomware group BianLian claimed responsibility for the '
'attack, alleging it exfiltrated financial, human resources, '
'and patient data.',
'impact': {'brand_reputation_impact': 'Yes',
'data_compromised': 'Names, Social Security numbers, credit card '
'details (including CVCs and expiration '
'dates), financial account information, '
'medical records, health insurance data, dates '
'of birth, demographic information',
'identity_theft_risk': 'Yes',
'operational_impact': 'Disruption of healthcare services, '
'potential cancellation of appointments or '
'diversion of patients',
'payment_information_risk': 'Yes'},
'investigation_status': 'Completed (forensic investigation)',
'motivation': 'Data Theft and Extortion',
'ransomware': {'data_encryption': 'No (specializes in data theft and '
'extortion)',
'data_exfiltration': 'Yes',
'ransomware_strain': 'BianLian'},
'references': [{'source': 'Alpine ENT Website Notice'}],
'regulatory_compliance': {'regulations_violated': ['HIPAA (likely)']},
'response': {'communication_strategy': 'Website notice in January 2025, '
'notifications to affected individuals '
'in early 2025',
'third_party_assistance': 'IDX (credit monitoring)'},
'threat_actor': 'BianLian',
'title': 'Alpine ENT Data Breach Exposes 65,648 Patients’ Sensitive '
'Information',
'type': 'Data Breach, Ransomware'}