341/69 Wednesday, June 24, 2026
Xsolis, Inc., a U.S.-based healthcare technology company that provides Utilization Management and Revenue Cycle solutions for healthcare providers, has disclosed a data breach affecting nearly 1.4 million people. The company stated that, on January 22, 2026, it detected unauthorized activity in certain parts of Xsolis systems as a result of a targeted phishing attack that occurred on January 20, 2026. After discovering the incident, the company immediately contained the activity and began an investigation with the assistance of external cybersecurity experts.
The investigation found that threat actors were able to access and obtain certain files containing personal information and protected health information that Xsolis had received from its hospital and healthcare payer clients. The information that may have been affected varies by individual and may include names, addresses, dates of birth, health insurance information, Social Security numbers, and medical treatment information. Xsolis stated that it has not found evidence that the information has been misused or that there has been any attempted misuse related to this incident.
Xsolis reported the incident to law enforcement, implemented additional security measures to help prevent similar incidents in the future, and is notifying potentially affected individuals by mail. The company is also providing guidance on protecting personal information, as well as complimentary credit monitoring and identity protection services. In addition, Xsolis has established a call center to provide information and assist affected individuals with enrolling in protection services. Although the company did not directly disclose technical details or the number of affected individuals, data from the U.S. Department of Health and Human Services indicates that 1,396,519 people were affected.
Source: https://securityaffairs.com/194067/cyber-crime/xsolis-data-breach-impacts-1-4-million-people.html