Allervie Health 2025 Data Breach
ObscureIQ Breach Intelligence
High SeverityWebsite / service breach
AllerVie Health Allergy & Immunology Breach (2025): 169K Patient SSN Exposed
Allergy, asthma, and immunology care provider.
Verified by ObscureIQ Intelligence
96/100Breach Risk Index
30Data Value
60Market Recency
115dSince Breach
Breach Intelligence Summary
Entity: Allervie Health · Actor: Anubis · Sources: 2 references
Attack: Ransomware
Profile: Healthcare provider · Allergy and immunology treatment · Specialty clinic network · USA
Timeline: Breach (2025-10-02) · Indexed (Jan 02, 2026) · Year (2025)
Exposure: 169K records · 5 fields: Email Address, Full Name, Phone Number, Physical Address, Social Security Number
Status: Reported
Executive Summary
AllerVie Health, a U.S.-based network of allergy, asthma, and immunology specialty clinics headquartered in Frisco, Texas, experienced a ransomware attack on its network between October 24 and November 3, 2025. The company discovered unusual activity on November 2, 2025 and engaged external cybersecurity experts to investigate. The Anubis ransomware group claimed responsibility for the attack on November 26, 2025 by listing AllerVie on its dark-web leak site and publishing samples of stolen medical files.\n\nThe breach affected approximately 169,000 individuals. Confirmed compromised fields in the public disclosure included names, email addresses, phone numbers, street addresses, and Social Security numbers. Public reporting and Anubis's leak-site samples indicated that the underlying data exfiltration also covered medical records, billing documents, internal schedules, insurance information, and diagnostic and treatment information specific to allergy and immunology care. Driver's license and state ID numbers were also identified in the affected dataset for some individuals.\n\nFor affected patients, the practical risk profile combines standard identity-fraud exposure with healthcare-specific risks. The combination of name, address, and Social Security number is a strong base for synthetic identity fraud and fraudulent credit applications. Inclusion in the dataset confirms the existence of an allergy or immunology care relationship, which can support medical-themed scam calls referencing real treatments, billing details, or insurance claims. Affected individuals should accept the credit monitoring offered by AllerVie, freeze credit at all three U.S. bureaus, monitor health-insurance explanation-of-benefits statements for unfamiliar charges, and treat unsolicited contact referencing AllerVie, allergy treatments, or insurance verification with caution.
ObscureIQ assessment: High risk of identity theft and medical fraud. Even where diagnosis data is not explicitly listed in the extracted fields, exposure of SSNs plus healthcare association makes patients vulnerable to billing scams, treatment-themed phishing, and privacy harms.
Breach Impact
AllerVie faces significant institutional cost from the incident. Federal HIPAA notification obligations, U.S. Department of Health and Human Services Office for Civil Rights filings, multistate attorney-general filings, and a class-action litigation pipeline are all underway. The Anubis ransomware group's posting of medical-record samples on its leak site adds direct evidence of data exfiltration that strengthens future litigation. AllerVie's specialty position in allergy and immunology care means the patient base includes both adults and pediatric patients, broadening the potential affected population. Operationally, the company reset passwords, notified law enforcement, and reviewed data-protection policies. Reputational damage is concentrated within the Texas and broader U.S. specialty-clinic market.
About Allervie Health
AllerVie Health is a U.S.-based network of allergy, asthma, and immunology specialty clinics, headquartered in Frisco, Texas. The company operates more than seventy clinic locations across multiple U.S. states, providing services including allergy testing, asthma management, chronic respiratory care, immunotherapy, and related specialty treatments. As a HIPAA-regulated healthcare provider, AllerVie maintains substantial volumes of protected health information including patient identity, contact, insurance, billing, diagnostic, and treatment records, alongside Social Security numbers and other administrative identifiers used for insurance verification and care coordination.
Why They Hold Your Data
Specialty clinic networks collect patient identity, contact, and insurance-linked records, often including SSNs and other sensitive administrative data tied to care delivery.
Recent Developments
AllerVie Health discovered unusual network activity on November 2, 2025 and engaged external cybersecurity experts to investigate. The forensic review concluded on November 24, 2025 and identified the affected fields. The company began notifying affected individuals by mail on December 22, 2025 and disclosed the incident to the New Hampshire Attorney General on December 23, 2025. The Anubis ransomware group claimed responsibility for the attack on November 26, 2025 by listing AllerVie on its dark-web leak site and publishing samples of stolen medical files. AllerVie is offering complimentary credit monitoring and identity-theft protection through Cyberscout, a TransUnion company. Class-action investigations by U.S. plaintiff law firms began in late December 2025.
Data Points Exposed
5 verified field types
Email Address
Full Name High
Phone Number
Physical Address High
Social Security Number Critical
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Exploitation & Downstream Threats
Threat Activity:Critical
Primary downstream threats:
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat vectors:
- Phishing, credential stuffing & account takeover
- Name-based social engineering
- SIM swapping, vishing & SMS phishing
- Physical stalking, mail fraud & identity verification
- Geolocation & property fraud
- Full identity theft & synthetic identity fraud
Threat Actor: Anubis
Anubis
Ransomware
Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware.
Recommended Actions
If you believe your information may be included:
Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
Frequently Asked Questions
What happened in the Allervie Health breach?▾
AllerVie Health, a U.S.-based network of allergy, asthma, and immunology specialty clinics headquartered in Frisco, Texas, experienced a ransomware attack on its network between October 24 and November 3, 2025. The company discovered unusual activity on November 2, 2025 and engaged external…
What data was exposed?▾
Verified fields include Email Address, Full Name, Phone Number, Physical Address, Social Security Number.
What should I do if I was affected?▾
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Sources & References
Every claim on this page is traceable. This breach draws on:
Breach Index
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Protect Yourself
Check If You're Affected
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
High-Risk? Get an Exposure Audit
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation