Healthcare technology company Xsolis has confirmed a data breach affecting nearly 1.4 million individuals after attackers gained access to part of its network through a targeted phishing attack earlier this year.
The company disclosed that unauthorized activity was detected on January 22 following a phishing incident that occurred on January 20. Xsolis said it immediately contained the activity, launched an investigation with assistance from external cybersecurity experts, and notified law enforcement.
Xsolis develops AI-powered software used by more than 600 hospitals and health insurers to support utilization management, medical necessity reviews, discharge planning, and reimbursement decisions.
Nearly 1.4 million individuals affected
According to the company’s investigation, the attackers accessed files containing sensitive information belonging to customers and other individuals.
The exposed information may include names, addresses, dates of birth, health insurance information, Social Security numbers, and medical treatment information.
A filing with the U.S. Department of Health and Human Services indicates that 1,396,519 individuals were impacted by the incident.
Response and mitigation
Xsolis said it has completed its investigation and implemented additional security measures designed to reduce the risk of similar incidents.
Among the steps taken were password resets for users and key accounts, enhanced security monitoring, strengthened credential management practices, and expanded employee security awareness training.
The company is notifying affected individuals by mail and is offering 12 months of complimentary identity monitoring and identity theft restoration services through Kroll. Notifications involving affected minors will be sent to parents or legal guardians.
Healthcare sector remains a frequent target
Healthcare organizations continue to face persistent phishing campaigns and credential theft attacks due to the large volume of sensitive personal and medical information they maintain. Even when attacks do not disrupt patient care, exposed healthcare records can present long-term identity theft and fraud risks for affected individuals.
Investigations into the Xsolis incident remain ongoing, and the company stated it is not currently aware of any misuse of the exposed information.
