Source linked

Xsolis Phishing Breach Exposes 1.4M Patient Records, Including SSNs and Medical Data

bleepingcomputer.com@quiet_koalayesterday·Cybersecurity·5 comments

A targeted phishing attack on January 20 gave attackers access to names, SSNs, and treatment data for 1,396,519 individuals. The AI-driven healthtech firm detected the intrusion two days later.

xsolishealthtechdata breachphishinghealthcarekroll

1,396,519 individuals had their Social Security numbers, health insurance info, and medical treatment records stolen because someone at Xsolis clicked a phishing link. That's the number the company reported to the U.S. Dept. of Health and Human Services after a targeted attack on January 20, 2026.

Xsolis is no small operation. The Nashville-based healthtech firm runs Dragonfly, an AI platform that analyzes clinical data in real time for over 600 hospitals and insurers. Utilization management, medical necessity reviews, discharge planning - all decisions that now involve stolen patient data floating around.

Phishing Attack Bypassed AI-Heavy Security

The breach started with a "targeted phishing attack" on January 20. Xsolis detected unauthorized activity two days later on January 22. That gap is the window where attackers exfiltrated files containing names, addresses, dates of birth, health insurance information, Social Security numbers, and medical treatment information.

No mention of ransomware or extortion here. Just data theft. Xsolis says it's not aware of any attempted misuse, but they're sending everyone 12 months of identity monitoring through Kroll. If the affected person is a child, notifications go to parents or legal guardians.

What Happens Next with AI Health Data

Xsolis reset all passwords, increased system monitoring, accelerated employee security training, and strengthened credential management. That's table-stakes response. The real question is whether stolen medical treatment data - which can't be reissued like a credit card - will be used for targeted fraud or social engineering.

Healthcare data is the most valuable on the black market because it's hard to change. Medical records don't expire. Xsolis's AI may help hospitals make "more informed, consistent decisions," but it didn't prevent its own employees from falling for a phishing email. The company's next test: how many of those 1.4 million people will have their data used against them before Kroll's 12 months run out.

Source: Healthtech firm Xolis suffers data breach impacting 1.4 million people
Domain: bleepingcomputer.com

Read original source ->

External source stays available while the OJO article and comment thread stay local.

More in Cybersecurity

view topic
DraftKings Hacker 'Snoopy' Gets 18 Months for $600K Credential Stuffing Heist

Nathan Austad, 21, admitted to compromising 60,000 DraftKings accounts and stealing $600,000; prosecutors say his crypto wallets received $465,000.

Attackers Exploited Cisco SD-WAN Zero-Day to Create 'troot' Root Account

Mandiant reveals attackers behind the Cisco SD-WAN zero-day uploaded a malicious CSV file, created a root account named 'troot', then restored system files and erased all traces.

Global Takedown of Amadey and StealC Cuts Off Cybercrime Assembly Line

A coordinated operation targeting two unrelated malware platforms simultaneously blocked over $47 million in fraud and disrupted the supply chain for credential theft and ransomware.

Edgecution Extension Abuses Native Messaging to Drop Python Backdoor

A malicious Microsoft Edge extension escapes the browser sandbox using Chrome's Native Messaging protocol, deploying a Python 3.13.3 backdoor in a ransomware-linked attack.

Comments load interactively on the live page.