Alpine Ear, Nose & Throat this week confirmed it notified 65,648 people of a November 2024 data breach that compromised the following personal info:
- Names
- Social Security numbers
- Credit card numbers, expiration dates, and CVCs
- Financial account info
- Medical info
- Health insurance info
- Dates of birth
- Demographic info
Alpine posted a preliminary notice about the breach on its website in January 2025 but did not reveal the number of victims or types of data until now.
A ransomware group called BianLian took credit for the breach in December 2024. BianLian said it stole financial, human resources, and patient data from Alpine.
Alpine has not verified BianLian’s claim. We do not know how attackers breached Alpine’s network, why it took so long to notify patients, if Alpine paid a ransom, or how much BianLian demanded. Comparitech contacted Alpine for comment and will update this article if it replies.
“On November 19, 2024, AENT discovered that its systems were potentially compromised by an unauthorized actor,” says Alpine’s latest notice to victims. “The forensic investigation concluded that personal information within AENT’s systems was subject to unauthorized access.”
Alpine is offering eligible victims free credit monitoring through IDX. The deadline to enroll is April 30, 2026.
Who is BianLian?
BianLian, like some other ransomware groups, extorts victims for stolen data but does not encrypt targeted systems. It first started posting victims to its data leak site in late 2021.
BianLian has claimed responsibility for 92 confirmed data breaches, compromising 6.17 million records. Over half of those came from organizations in the healthcare sector such as hospitals and clinics.
Some of BianLian’s other healthcare breaches include:
- St. Clair Orthopaedics and Sports Medicine notified 340,000 people of a data breach claimed by BianLian
- Mid-Florida Primary Care notified 16,435 people
- Aspire Rural Health System notified 138,386 people
Ransomware attacks on US healthcare
Comparitech researchers logged 179 ransomware attacks on US hospitals, clinics, and other healthcare providers in 2024, compromising the personal data of 28.7 million people. In 2025, we logged 110 such attacks, though some might not have been reported yet.
Last month, TriCity Family Services in Illinois began notifying 2,511 patients of a November 2024 data breach claimed by Inc Ransomware.
Ransomware attacks on US hospitals, clinics, and other care providers can steal data and lock down infected computer systems. They can cripple critical systems and endanger the health, privacy, and security of patients. Infected hospitals and clinics must pay a ransom or face extended downtime, data loss, and putting patients and staff at increased risk. Hospitals and clinics might resort to pen and paper, cancel appointments, and divert patients elsewhere until systems are restored.
About Alpine ENT
Alpine Ear, Nose and Throat consists of three medical clinics in Fort Collins, Loveland, and Greeley, Colorado.
