Healthcare technology company Xsolis has disclosed a data breach impacting nearly 1.4 million individuals following a phishing attack. The Tennessee-based firm, which provides utilization management and revenue cycle solutions for healthcare providers, became aware of unauthorized access on January 22, 2026, after a phishing attack two days prior. The breach exposed personal and protected health information received from Xsolis’s hospital and payer clients, as reported by Security Affairs.The security incident, which occurred on January 20, 2026, allowed an unauthorized actor to acquire files containing sensitive information. This data may include names, addresses, dates of birth, Social Security numbers, health insurance details, and medical treatment information. Xsolis has launched an investigation, reported the incident to law enforcement, and is implementing enhanced security measures. Affected individuals are being notified by mail and offered free credit monitoring and identity protection services, along with access to a toll-free call center.The U.S. Department of Health and Human Services reported that 1,396,519 individuals were affected. No ransomware group has claimed responsibility for the attack at this time.Source: Security Affairs
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
Attack VectorYou can skip this ad in 5 seconds