Allervie Health Data Breach
AllerVie Health Allergy & Immunology Breach (2025): 169K Patient SSN Exposed
Allergy, asthma, and immunology care provider.
Risk Interpretation
High risk of identity theft and medical fraud. Even where diagnosis data is not explicitly listed in the extracted fields, exposure of SSNs plus healthcare association makes patients vulnerable to billing scams, treatment-themed phishing, and privacy harms.
Impact & Downstream Threats
AllerVie faces significant institutional cost from the incident. Federal HIPAA notification obligations, U.S. Department of Health and Human Services Office for Civil Rights filings, multistate attorney-general filings, and a class-action litigation pipeline are all underway. The Anubis ransomware group's posting of medical-record samples on its leak site adds direct evidence of data exfiltration that strengthens future litigation. AllerVie's specialty position in allergy and immunology care mea
- Identity theft and synthetic identity construction using government-issued IDs
- SIM swap attacks where phone numbers are present
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat Vectors
Breach Intelligence
Executive Summary
AllerVie Health, a U.S.-based network of allergy, asthma, and immunology specialty clinics headquartered in Frisco, Texas, experienced a ransomware attack on its network between October 24 and November 3, 2025. The company discovered unusual activity on November 2, 2025 and engaged external cybersecurity experts to investigate. The Anubis ransomware group claimed responsibility for the attack on November 26, 2025 by listing AllerVie on its dark-web leak site and publishing samples of stolen medical files.\n\nThe breach affected approximately 169,000 individuals. Confirmed compromised fields in the public disclosure included names, email addresses, phone numbers, street addresses, and Social Security numbers. Public reporting and Anubis's leak-site samples indicated that the underlying data exfiltration also covered medical records, billing documents, internal schedules, insurance information, and diagnostic and treatment information specific to allergy and immunology care. Driver's license and state ID numbers were also identified in the affected dataset for some individuals.\n\nFor affected patients, the practical risk profile combines standard identity-fraud exposure with healthcare-specific risks. The combination of name, address, and Social Security number is a strong base for synthetic identity fraud and fraudulent credit applications. Inclusion in the dataset confirms the existence of an allergy or immunology care relationship, which can support medical-themed scam calls referencing real treatments, billing details, or insurance claims. Affected individuals should accept the credit monitoring offered by AllerVie, freeze credit at all three U.S. bureaus, monitor health-insurance explanation-of-benefits statements for unfamiliar charges, and treat unsolicited contact referencing AllerVie, allergy treatments, or insurance verification with caution.
About Allervie Health
AllerVie Health is a U.S.-based network of allergy, asthma, and immunology specialty clinics, headquartered in Frisco, Texas. The company operates more than seventy clinic locations across multiple U.S. states, providing services including allergy testing, asthma management, chronic respiratory care, immunotherapy, and related specialty treatments. As a HIPAA-regulated healthcare provider, AllerVie maintains substantial volumes of protected health information including patient identity, contact, insurance, billing, diagnostic, and treatment records, alongside Social Security numbers and other administrative identifiers used for insurance verification and care coordination.
Why They Hold Your Data
Specialty clinic networks collect patient identity, contact, and insurance-linked records, often including SSNs and other sensitive administrative data tied to care delivery.
Recent Developments
AllerVie Health discovered unusual network activity on November 2, 2025 and engaged external cybersecurity experts to investigate. The forensic review concluded on November 24, 2025 and identified the affected fields. The company began notifying affected individuals by mail on December 22, 2025 and disclosed the incident to the New Hampshire Attorney General on December 23, 2025. The Anubis ransomware group claimed responsibility for the attack on November 26, 2025 by listing AllerVie on its dark-web leak site and publishing samples of stolen medical files. AllerVie is offering complimentary credit monitoring and identity-theft protection through Cyberscout, a TransUnion company. Class-action investigations by U.S. plaintiff law firms began in late December 2025.
Data Points Exposed
Exposure Categories
Canonical Fields
email_address, full_name, phone_number, physical_address:street, ssn
Dark Web Verification
- Dataset containing ~169K records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: allervi-health-2025
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Allervie Health
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam