Healthtech firm Xolis suffers data breach impacting 1.4 million people
Healthcare technology company Xsolis disclosed a data breach affecting nearly 1.4 million individuals following a targeted phishing attack on January 20, 2026. Attackers gained access to sensitive customer data including names, addresses, dates of birth, Social Security numbers, health insurance information, and medical treatment details. Xsolis detected the breach two days later, contained it with help from external cybersecurity experts, and reported it to law enforcement. The company has since reset all user passwords, increased system monitoring, accelerated employee security training, and strengthened credential management. Affected individuals are being notified by mail and offered 12 months of identity monitoring and theft restoration services through Kroll.