Xsolis Data Breach Leaks Health Information of 1.4 Million People – Veri Sızıntısı
Live
Search
Company
About Founder's Note Press & Media Privacy Policy Terms of Service FAQ Brand Kit
Products
HUBOne HUBCorp Coming Soon Veri Sızıntısı Android Coming Soon Veri Sızıntısı iOS Coming Soon Veri Sızıntısı Huawei Coming Soon Breach Radar Argus Flow Argus Engine LivePlatform
Technologies
What is Argus AI? Try on HUBOne What is Argus Flow? What is Argus Engine?
Blog Contact

Xsolis Data Breach Impacts 1.4 Million People

Healthcare technology company Xsolis has reported a major data breach exposing the sensitive personal and medical information of 1.4 million people following a phishing attack. The breach includes Social Security numbers and medical treatment records.

An image representing a data breach with the Xsolis logo and a broken shield icon

What Happened

Xsolis, Inc., a Tennessee-based company providing technology solutions to the healthcare sector, has publicly disclosed a large-scale data breach affecting nearly 1.4 million individuals. The company offers critical services such as revenue cycle and utilization management for hospitals and payers. This means the breach indirectly affects the patients of these organizations. According to the official notification to the U.S. Department of Health and Human Services (HHS), exactly 1,396,519 people were impacted by the incident.

According to a statement from Xsolis, the unauthorized activity within its systems was first detected on January 22, 2026. This discovery came just two days after a targeted phishing attack was carried out on January 20, 2026. The company stated that it immediately contained the activity upon discovery and launched a comprehensive investigation, which included external cybersecurity experts, to understand the full scope of the event.

Data Compromised

It was determined that the cyberattackers gained access to highly sensitive data stored on Xsolis's servers, which had been provided by its hospital and insurance company clients. The compromised personal and protected health information (PHI) includes data highly valuable for identity theft and fraud. The nature of the leaked data increases the severity of the incident.

Has your email been leaked? Check for free — results in seconds.

Check Now →

The types of information confirmed to have been acquired include:

  • Full Names: Basic information for identifying individuals.
  • Addresses: Physical address information, which can be used in fraud and social engineering attacks.
  • Dates of Birth: An essential component of identity verification processes.
  • Social Security Numbers (SSN): The most critical element for identity theft in the U.S. It can be used for numerous illegal activities, such as opening new credit lines or filing fraudulent tax returns.
  • Health Insurance Information: Data like policy numbers and group information, which can be used to create fraudulent medical claims.
  • Medical Treatment Information: Private records regarding patients' treatments, diagnoses, and health conditions. This information carries the potential for use in targeted scams, blackmail, or medical identity theft.

The combination of such varied and sensitive data creates long-term risks for the victims. In the wake of such an event, you can use a Data Breach Search service to check if your personal information has been exposed by cybercriminals.

How the Attack Occurred

According to Xsolis's statement, the root cause of the data breach was a targeted phishing attack on January 20, 2026. Phishing is a social engineering method where attackers pose as a legitimate institution or person to trick victims into revealing sensitive information, such as login credentials. However, the company did not share additional technical details about the attack, such as what the phishing email looked like, who was targeted, or how the attackers moved laterally within the network after the initial compromise. The statement merely noted that the attack impacted a "limited portion of the Xsolis environment." The source article also mentioned that no known ransomware group has claimed responsibility for the attack.

Who Was Affected

The direct victims of this breach are not the end-users of Xsolis but rather the patients and members of the hospitals and insurance providers that use the company's services. This is a typical example of a supply chain attack, where an attack on one company jeopardizes the data of its clients and, consequently, their users. The 1.4 million affected individuals were likely unaware that their data was being processed by a third-party technology provider like Xsolis. Such incidents demonstrate the complexity and interconnectedness of the healthcare data ecosystem. You can stay informed about similar supply chain attacks by following the latest Data Breach News.

What You Can Do

Xsolis is notifying potentially affected individuals by mail, explaining the situation and providing guidance on how to protect their information. If you believe you were affected by this breach or have received a notification letter, it is recommended you take the following steps:

  • Review Account Statements and Credit Reports: Regularly check your bank accounts, credit card statements, and especially the explanation of benefits (EOB) from your health insurer. Look carefully for any transactions or medical service claims that you do not recognize.
  • Utilize the Free Credit Monitoring Service: Xsolis is offering complimentary credit monitoring and identity protection services to affected individuals. Follow the instructions in the letter sent by the company to enroll in these services.
  • Place a Fraud Alert: You can contact the three major credit bureaus (TransUnion, Experian, and Equifax) to place a free fraud alert on your credit file. This alert requires creditors to take extra steps to verify your identity before approving a new line of credit.
  • Request a Credit Freeze: For a stronger measure, you can freeze your credit files. A credit freeze restricts access to your credit report unless you explicitly grant permission. This makes it significantly harder for fraudsters to open new accounts in your name.
  • Use the Support Hotline: Xsolis has established a toll-free call center to answer questions from affected individuals and assist them with enrolling in protection services. You can call this center to get the necessary support.

What the Company Is Saying

Xsolis detailed the steps it took following the incident in its official notice. The company's statement reads: "On January 22, 2026, Xsolis became aware of unauthorized activity impacting a limited portion of the Xsolis environment resulting from a targeted phishing attack on January 20, 2026. We immediately contained the activity and launched an investigation with the assistance of external cybersecurity experts."

The company confirmed that the investigation determined the attacker acquired certain files. It also added, "We are not aware of any actual or attempted misuse of information because of this incident." Xsolis stated that it has implemented additional security safeguards to prevent similar events in the future and has reported the incident to law enforcement.

Source

https://securityaffairs.com/194067/cyber-crime/xsolis-data-breach-impacts-1-4-million-people.html

Share This Article
X LinkedIn WhatsApp
← Previous Post LastPass Confirms Data Breach in Supply Chain Attack

Weekly Newsletter

Curated data breach news delivered to your inbox every week.