Healthcare technology provider Xsolis has disclosed a phishing-related data breach affecting nearly 1.4 million individuals after attackers gained access to files containing sensitive personal and medical information.
Healthcare technology company Xsolis has revealed that a cyberattack exposed the personal and protected health information of nearly 1.4 million individuals, making it one of the larger healthcare-related data breaches reported this year. The Tennessee-based firm, which provides utilization management and revenue cycle solutions to hospitals, health systems, and insurers, discovered unauthorized activity within its environment on January 22, 2026.
According to the company’s investigation, the intrusion stemmed from a targeted phishing attack that occurred two days earlier. Threat actors successfully gained access to files containing sensitive information that Xsolis maintained on behalf of its healthcare clients. The compromised data may include names, dates of birth, home addresses, Social Security numbers, health insurance details, and information related to medical treatment.
While Xsolis publicly disclosed the incident in early June, the scale of the breach became clearer after the U.S. Department of Health and Human Services added the incident to its healthcare breach tracker, listing 1,396,519 affected individuals. Despite the significant number of impacted patients, no ransomware group has publicly claimed responsibility for the attack, and there is currently no indication that the stolen data has been leaked online.
Xsolis stated that it is not aware of any confirmed misuse of the compromised information at this time. However, the incident highlights the continued effectiveness of phishing campaigns against healthcare organizations and their vendors, which often serve as repositories for vast amounts of sensitive patient data. The breach joins a growing list of healthcare cybersecurity incidents affecting millions of Americans and underscores the ongoing challenges organizations face in protecting medical information from increasingly sophisticated threat actors.
