Assisted Living Pharmacy Service reports cyberattack, ransomware group claims responsibility

Assisted Living Pharmacy Service LLC (ALPS), based in Menomonee Falls, Wisconsin, has disclosed a cyberattack that exposed sensitive data connected to its prescription services.

The incident was detected on June 26, 2025. An investigation determined that an unauthorized actor accessed ALPS’ network between June 25 and June 27, 2025, and acquired certain files. The review confirmed the compromised data included faxes sent to ALPS from January 2024 through June 2025 containing patient and resident information. Impacted records included names along with addresses, dates of birth, driver’s license or state ID numbers, Social Security numbers, diagnoses, lab results, medications, treatment details, claims information, and in some cases, financial account or payment card information.

ALPS has advised affected individuals to monitor accounts, insurance statements, and credit reports for suspicious activity. Free credit monitoring was not mentioned in the substitute notice.

While not confirmed by ALPS, the Qilin ransomware group has claimed responsibility for the attack and added the pharmacy service to its dark web leak site on August 12, 2025. The group posted limited file samples, including face sheet profiles of residents, but has not yet dumped the data in full.

The breach has not yet appeared on the HHS Office for Civil Rights’ public portal, so the number of individuals affected remains unknown.