US healthcare AI platform Xsolis confirms data breach that affects 1.4 million individuals

News
By published

Social Security numbers and health insurance information nabbed

A pink triangle with a red exclamation mark inside on a blue digital landscape
(Image credit: Getty Images)
  • Xsolis confirmed a phishing‑enabled breach on Jan 22, 2026, exposing data of 1.39M individuals
  • Stolen info includes names, addresses, DOBs, SSNs, health insurance, and medical treatment details; no ransom demands or dark web leaks yet
  • Customers offered free credit monitoring and identity theft protection, with warnings to watch for phishing and fraud attempts

Healthcare technology company Xsolis disclosed a cyberattack in which it lost sensitive data on almost 1.4 million customers.

Xsolis is a company that uses AI to help healthcare organizations make faster and more consistent decisions about patient care and utilization management. Earlier this week, it published a data breach notification on its website, saying that it spotted the intrusion on January 22, 2026.

Apparently, after a successful phishing attack on one of its employees two days earlier, the attackers were able to access a “limited portion” of the Xsolis environment, from which they were able to exfiltrate people’s names, addresses, dates of birth, health insurance information, Social Security numbers, and medical treatment information.

Latest Videos From

Almost 1.4 million victims

This level of information is more than enough information to target these individuals with phishing or even steal their identity for more disruptive attacks elsewhere.

In a filing with the US Department of Health and Human Services, Xsolis confirmed that 1,396,519 individuals were affected by this breach.

“We have taken steps to address the incident and are committed to protecting the information entrusted to us,” Xsolis said in the announcement. “Upon learning of this incident, we immediately began an investigation and reported the incident to law enforcement. We also implemented additional safeguards to further enhance the security of information in our possession and to help prevent similar incidents from occurring in the future.”

So far, there is no evidence of the data being used in follow-up attacks, or being offered on the dark web. No threat actors have yet claimed responsibility for the attack, and no one has yet demanded ransom in exchange for the files.

Xsolis told its customers to be wary of incoming messages, especially those pretending to be from the company, or using it in any other context. Customers are also offered free credit monitoring and identity theft protection services, as well as fraud alerts and credit freezes.

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Google logo on a black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.