HackerFeeds
All ransomware incidents
alpinion.com

Ransomware group coinbasecartel hits Alpinion

MEDIUM
·Healthcare·KR·2026-05-11

Alpinion — a healthcare target operating in KR has been listed by the coinbasecartel ransomware group on 2026-05-11. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.

Incident Report

Target OrganizationAlpinion
Threat Group
coinbasecartel
Summary[AI generated] Alpinion is a South Korean medical device company specializing in the development and manufacture of ultrasound imaging systems and transducers. Founded in 2010 as a spin-off from Samsung, the company serves healthcare providers globally, offering diagnostic ultrasound solutions for radiology, cardiology, and point-of-care applications. Alpinion is headquartered in Seoul, South Korea, and operates internationally across multiple markets.
Date of Breach2026-05-11
Discovery Date2026-05-11
RegionKR
Target Domainalpinion.com
Business SectorHealthcare
Severity
MEDIUM

Claim by coinbasecartel

[AI generated] Alpinion is a South Korean medical device company specializing in the development and manufacture of ultrasound imaging systems and transducers. Founded in 2010 as a spin-off from Samsung, the company serves healthcare providers globally, offering diagnostic ultrasound solutions for radiology, cardiology, and point-of-care applications. Alpinion is headquartered in Seoul, South Korea, and operates internationally across multiple markets.

Posted by the coinbasecartel threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.

Sources

Victim website

alpinion.com

Leak post (onion / Tor)

tor

http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/alpinion

Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.

Disclaimer

HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.