Alpine Ear, Nose & Throat Data Breach 2025: 65,648 Patients Exposed in BianLian Ransomware Attack on Fort Collins ENT · $330K Class-Action Settlement Pending
Alpine Ear, Nose & Throat, PLLC, a Fort Collins, Colorado ENT practice, was breached by the BianLian extortion group in November 2024. Names, Social Security numbers, dates of birth, medical records, health insurance details, financial account information, and credit-card data (including CVCs) for 65,648 patients were exposed. A class-action settlement in Pfirrman v. Alpine Ear, Nose, & Throat received preliminary approval, with a final fairness hearing on August 11, 2026.
You have options. Scroll for the exact action steps, what your provider’s response covers, and what your health data needs beyond credit monitoring.
Timeline
Nov 19, 2024
Unauthorized access to Alpine ENT systems begins (incident date identified in subsequent investigation)
Nov 26, 2024
Alpine ENT identifies the security incident and begins forensic investigation
Dec 2, 2024
BianLian extortion group adds Alpine ENT to its data-leak site, claiming responsibility
Jan 17, 2025
Alpine ENT posts substitute breach notice on its website while review remains ongoing
Jan 17, 2025
HIPAA breach notification filed with HHS Office for Civil Rights (65,648 individuals; Network Server)
Oct 9, 2025
Forensic file review of exposed data completed; affected-individual list compiled
Jan 26, 2026
Final list of affected individuals finalized
Jan 30, 2026
Individual patient notification letters mailed (more than 14 months after discovery)
Mar 5, 2026
Settlement agreement signed by plaintiff Anthony Pfirrman and Alpine ENT (defendant represented by Wilson Elser LLP)
Mar 26, 2026
Larimer County District Court grants preliminary approval of the class-action settlement
Apr 24, 2026
Class-action settlement notice mailing begins (Pfirrman v. Alpine Ear, Nose, & Throat)
May 6, 2026
Class-action settlement finalized in Larimer County District Court
Jun 23, 2026
Deadline for class members to object to or exclude from the settlement
Jul 23, 2026
Settlement claim submission deadline
Aug 11, 2026
Final fairness hearing scheduled (8:30 a.m., Larimer County District Court)
Nov 19, 2024
Unauthorized access to Alpine ENT systems begins (incident date identified in subsequent investigation)
Nov 26, 2024
Alpine ENT identifies the security incident and begins forensic investigation
Dec 2, 2024
BianLian extortion group adds Alpine ENT to its data-leak site, claiming responsibility
Jan 17, 2025
Alpine ENT posts substitute breach notice on its website while review remains ongoing
Jan 17, 2025
HIPAA breach notification filed with HHS Office for Civil Rights (65,648 individuals; Network Server)
Oct 9, 2025
Forensic file review of exposed data completed; affected-individual list compiled
Jan 26, 2026
Final list of affected individuals finalized
Jan 30, 2026
Individual patient notification letters mailed (more than 14 months after discovery)
Mar 5, 2026
Settlement agreement signed by plaintiff Anthony Pfirrman and Alpine ENT (defendant represented by Wilson Elser LLP)
Mar 26, 2026
Larimer County District Court grants preliminary approval of the class-action settlement
Apr 24, 2026
Class-action settlement notice mailing begins (Pfirrman v. Alpine Ear, Nose, & Throat)
May 6, 2026
Class-action settlement finalized in Larimer County District Court
Jun 23, 2026
Deadline for class members to object to or exclude from the settlement
Jul 23, 2026
Settlement claim submission deadline
Aug 11, 2026
Final fairness hearing scheduled (8:30 a.m., Larimer County District Court)
Data exposed
01
High-risk identity
Enables financial + identity theft
02
Health records
Don't expire and can't be reissued
03
Contact & insurance
Phishing + targeted scams
Class actions filed by
These firms have publicly announced investigations. You may be eligible to join. We are not a law firm and cannot give legal advice.
Your action plan, in five steps.
You have more rights than the notification letter explains. Each step below is a concrete thing you can do today. Full detail and timing in the sections that follow.
01
Accept credit monitoring
It’s the floor of the response. Take it.
02
Freeze your credit
Free at Equifax, Experian, TransUnion.
03
File IRS Form 14039
Prevent fraudulent tax return under your SSN.
04
Review your EOBs
Insurance statements catch medical identity theft early.
05
Stop the ongoing flow
Credit monitoring doesn’t cover your health records. HealthConsent does.
Alpine Ear, Nose & Throat, PLLC, a Fort Collins, Colorado ENT practice, filed a HIPAA breach notification with the U.S. Department of Health and Human Services Office for Civil Rights on January 17, 2025, reporting 65,648 affected individuals in an Unauthorized Access/Disclosure event at a Network Server. Subsequent reporting and the BianLian extortion group’s own leak-site posting establish that the intrusion is a ransomware-style data-theft event. Unauthorized access began on or about November 19, 2024, the incident was identified on November 26, 2024, and BianLian listed Alpine ENT on its data-leak site in early December 2024. Individual notification letters did not begin to mail until January 30, 2026, roughly 14 months after discovery.
The exposed data set is unusually broad and severe for a single-practice provider. Not only protected health information, but Social Security numbers, financial account numbers, and full credit-card details (including CVC and expiration dates). A class-action settlement in Larimer County District Court is now in the notice-and-claims phase, with a final fairness hearing set for August 11, 2026.
Timeline
- November 19, 2024 — Unauthorized access to Alpine ENT’s network begins (incident date identified in the subsequent forensic investigation).
- November 26, 2024 — Alpine ENT identifies the security incident and engages outside forensic and legal counsel.
- December 2, 2024 — BianLian extortion group adds Alpine Ear, Nose & Throat to its data-leak site, publicly claiming responsibility and signaling exfiltration of patient data.
- January 17, 2025 — Alpine ENT posts a substitute breach notice on its website; HIPAA breach notification filed the same day with HHS OCR for 65,648 individuals.
- October 9, 2025 — Forensic file review of the exfiltrated data is completed.
- January 26, 2026 — Final list of affected individuals is compiled.
- January 30, 2026 — Alpine ENT mails individual patient notification letters.
- March 5, 2026 — Settlement agreement signed by plaintiff Anthony Pfirrman and Alpine ENT.
- March 26, 2026 — Court grants preliminary approval of the class-action settlement.
- April 24, 2026 — Court-approved class-action settlement notice mailing begins.
- May 6, 2026 — Settlement finalized (per initial court record; see settlement site for current status).
- June 23, 2026 — Deadline for class members to object or opt out.
- July 23, 2026 — Claim submission deadline.
- August 11, 2026 — Final fairness hearing at 8:30 a.m., Larimer County District Court.
What was exposed
Per the individual notification letters and the official settlement notice, the data elements exposed include:
- Name and demographic information
- Date of birth
- Medical records and clinical information
- Health insurance information
- Financial account information
- Credit card numbers, CVC security codes, and expiration dates
- Social Security number
The exposure of payment-card CVCs alongside Social Security numbers and clinical records is materially worse than a typical HIPAA breach of this size. It enables both card-not-present financial fraud and conventional identity theft from a single data set.
What Alpine ENT is offering
Alpine ENT’s notification letters offer affected individuals 12 months of complimentary credit monitoring and identity-theft protection services through IDX. The letters include an enrollment code and set an enrollment deadline of April 30, 2026 (that deadline has now passed; affected individuals who did not enroll should contact the settlement administrator at (833) 386-6505).
Under the class-action settlement, class members may instead elect (one option only):
- Up to $5,000 in reimbursement for documented out-of-pocket losses traceable to the breach.
- Up to $80 for lost time, calculated as up to 4 hours at $20/hour with self-attestation.
- A flat $50 cash payment with no documentation required.
- Two years of specialized medical identity-theft monitoring through the settlement administrator.
Defendant obligations under the settlement include up to $330,000 in plaintiffs’ attorneys’ fees and costs and a $2,500 service award for the class representative.
Class-action and regulatory posture
The class action is captioned Pfirrman v. Alpine Ear, Nose, & Throat, PLLC, Case No. 2025CV127, in the District Court of Larimer County, Colorado, administered by Simpluris, Inc. Class counsel are William B. Federman and Jessica A. Wilkes of Federman & Sherwood, appointed by the court. Alpine ENT is represented by David M. Ross and Brian H. Myers of Wilson Elser LLP. Additional investigating firms include Schubert Jonckheer & Kolbe LLP, Edelsberg Law, Markovits Stock & DeMarco LLC, and Wolf Haldenstein Adler Freeman & Herz LLP. Pleaded claims include negligence, negligence per se, invasion of privacy, breach of implied contract, breach of confidence, breach of fiduciary duty, unjust enrichment, and declaratory judgment.
The settlement agreement was signed March 5, 2026. The court granted preliminary approval on March 26, 2026. Alpine ENT denies all wrongdoing but agreed to settle to avoid the costs and risks of continued litigation. Settlement payouts can be issued via PayPal, Venmo, Zelle, virtual prepaid card, or physical check.
Alpine ENT filed breach notifications with the attorneys general of at least 15 states, including California, Indiana, Iowa, Maine, Massachusetts, Montana, Nebraska, New Hampshire, Oregon, Rhode Island, South Carolina, Texas, Vermont, and Washington. The Maine AG filing confirms that 10 Maine residents were affected, along with 8 New Hampshire residents and 7 Massachusetts residents.
The HHS OCR portal entry remains classified as Unauthorized Access/Disclosure at Network Server and is open pending closure of OCR’s review. The 14-month gap between discovery and individual notification is a likely focus of regulatory and judicial scrutiny.
What to do if you may be affected
- Decide on your settlement option by July 23, 2026. If you received a notification letter from Alpine ENT, you are presumptively a class member. The flat $50 payment requires no documentation; the $5,000 reimbursement option requires receipts. Use only the official settlement site, aentdatasettlement.com. Do not pay any third party to file on your behalf.
- Freeze your credit with Equifax, Experian, and TransUnion. With Social Security numbers exposed, a freeze is materially more protective than monitoring alone. It is free and reversible.
- Cancel and replace any credit card that was on file with Alpine ENT, even if the card has not yet shown fraud. Because CVCs and expiration dates were exposed, the cards on file should be treated as fully compromised, not merely flagged.
- Enroll in the offered monitoring. The 12-month IDX credit monitoring enrollment deadline in the notification letter was April 30, 2026. If that window has passed without enrollment, contact the settlement administrator at (833) 386-6505 or [email protected] to access the 2-year medical identity-theft monitoring option available through the class-action settlement.
- Watch for medical identity theft. Review every Explanation of Benefits from your health insurer and request a copy of your medical record if you see services you did not receive. Diagnostic and treatment history was in the exposed data set.
- Be alert to targeted phishing. Threat actors with name, date of birth, ENT-treatment context, and an active payment card on file can craft highly convincing follow-on scams, including fake “settlement administrator” outreach. Do not provide payment or account details over the phone.
- Stop the ongoing flow of your ENT and medical data. HealthConsent files HIPAA restriction requests so the diagnostic, treatment, and insurance information exposed in this breach is not continuously re-shared across health information exchanges and third-party data networks.
Sources
- HHS Office for Civil Rights Breach Portal — federal regulatory record (filing dated 2025-01-17, 65,648 individuals, Network Server, Unauthorized Access/Disclosure).
- HIPAA Journal — Alpine Ear, Nose, & Throat Settles Class Action Data Breach Lawsuit — exposed-data list, BianLian attribution, settlement amount, key dates.
- HIPAA Journal — Patients Learn Their Health Data Was Compromised More Than a Year Ago — discovery date, notification delay, BianLian leak-site posting.
- Pfirrman v. Alpine Ear, Nose, & Throat — Official Settlement Site (aentdatasettlement.com) — case caption, case number, court, deadlines, claim instructions.
- Schubert Jonckheer & Kolbe — Privacy Alert: Alpine Ear, Nose, & Throat Investigation — investigation summary and exposed-data confirmation.
- Federman & Sherwood — Alpine Ear, Nose, and Throat Data Breach Investigation — plaintiff-side investigation summary.
- PR Newswire — Privacy Alert: Alpine Ear, Nose, & Throat Under Investigation for Data Breach of 65,648 Records — affected-count and investigation confirmation.
- ClaimDepot — Alpine ENT Data Breach — IDX as credit monitoring vendor, April 30, 2026 enrollment deadline, 15-state AG filing list, geographic breakdown (10 ME, 8 NH, 7 MA residents).
- ClassAction.org — Alpine Ear, Nose & Throat Settlement — preliminary approval March 26, 2026; settlement class definition.
- Wolf Haldenstein Adler Freeman & Herz LLP — Alpine ENT Investigation — additional investigating firm, February 2, 2026.
- Federman & Sherwood — Alpine ENT Class Action Settlement Update — preliminary approval date, court-appointed class counsel identification.
- ClaimDepot — Alpine ENT Settlement Details — payout methods (PayPal, Venmo, Zelle, prepaid card, check), fund breakdown, Wilson Elser LLP as defense counsel.
Credit monitoring covers your wallet. HealthConsent covers your health records.
Your stolen diagnoses, test results, and medical record numbers don’t expire when the free credit-monitoring window ends. HealthConsent automates HIPAA restriction requests and opt-outs across providers, insurers, HIEs, and prescription networks so the data taken in this breach can’t keep being shared and sold by other entities downstream.
Protect my health dataCancel anytime · Family plan covers spouses + dependents
Sources & further reading
- HHS Office for Civil Rights Breach Portal
- HIPAA Journal — Alpine Ear, Nose, & Throat Settles Class Action Data Breach Lawsuit
- HIPAA Journal — Patients Learn Their Health Data Was Compromised More Than a Year Ago
- Pfirrman v. Alpine Ear, Nose, & Throat, PLLC — Official Settlement Site
- Schubert Jonckheer & Kolbe — Privacy Alert: Alpine Ear, Nose, & Throat Investigation
- Federman & Sherwood — Alpine Ear, Nose, and Throat, PLLC Group Data Breach Investigation
- PR Newswire — Privacy Alert: Alpine Ear, Nose, & Throat, P.C. Under Investigation for Data Breach of 65,648 Records
- ClaimDepot — Alpine ENT Data Breach (IDX monitoring vendor, state AG filings, geographic scope)
- ClassAction.org — Alpine Ear, Nose & Throat Settlement (preliminary approval March 26, 2026)
- Wolf Haldenstein Adler Freeman & Herz LLP — Alpine ENT Data Breach Investigation
- Federman & Sherwood — Alpine Ear, Nose & Throat Class Action Settlement Update
- ClaimDepot — Alpine ENT Settlement Details (payout options, fund breakdown)
Official HHS OCR Breach Portal: ocrportal.hhs.gov
About this page
This page is compiled from public regulatory filings, the breached entity’s own disclosures, and reporting from established healthcare-privacy outlets. Some sections are assembled with the help of automated research and may contain errors, summaries that lag the underlying source, or details that have since been revised. Treat it as a starting point, not legal advice or an authoritative record. If you spot something inaccurate, the linked sources above are the canonical record. For questions about your individual situation, contact the breached entity directly or consult a licensed attorney.