Confidence MediumJun 22, 2026xsolis.com

Healthtech firm Xsolis suffers data breach impacting 1.4 million people

PatternExternal actor · Social · Confidentiality impact

Healthcare technology company Xsolis disclosed a data breach affecting nearly 1.4 million individuals. The incident stemmed from a targeted phishing attack on January 20, 2026, which led to unauthorized access to a limited portion of the Xsolis environment. Attackers accessed files containing customer information, including names, addresses, dates of birth, health insurance information, Social Security numbers, and medical treatment information. Xsolis is a U.S.-based firm providing AI-powered software for healthcare organizations.

Signal date

Jun 22, 2026

Updated

Jun 24, 2026

Confidence

Medium

Sources

1 source

Xsolis

Domain: xsolis.com
Sector: Information
Signals: 1 linked

Scan this company

Signal context

First seen: Jun 22, 2026

Last updated: Jun 24, 2026

Status: Public signal

Key points

Phishing attack on January 20, 2026, led to unauthorized network access.
Nearly 1.4 million individuals impacted.
Exposed data includes names, addresses, dates of birth, health insurance information, Social Security numbers, and medical treatment information.

Signal analysis

Beta

This analysis groups the signal by industry, likely incident action and impacted security area. It helps compare this signal with other published signals without treating the labels as final determinations.

Affected organization

Xsolis

Sector: Information

Likely country: Location not provided

Estimated

Threat source

Social, Hacking activity

Watch phishing, executive impersonation and account-takeover exposure.

Source type: outside the affected organization

Business impact

Potential fraud or account takeover risk

Impact area: Confidentiality

Likely asset: User or customer data

Trend context

28 signals with similar action pattern

6 signals in the same sector
36 signals with the same likely impact area
1 signal linked to this organization/domain

Mentioned entities

XsolisData DisclosureHealthtechXsolisHealthcareAttackersU.S.-basedAI-poweredPhishingNearly

External sources

Xsolis Data Breach Affects 1.4 Million Individuals - SecurityWeekhttps://www.securityweek.com/xsolis-data-breach-affects-1-4-million-individuals/Public source from securityweek.com.

Related signals

Grouped by why the signal is relevant.

LastpassJun 23, 2026

Same sectorSame action patternSame impact area

LastPass confirms data breach in Klue supply chain attack

LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in a supply chain attack targeting Klue, a third-party market intelligence platform. The unauthorized actor obtained OAuth tokens from Klue, which were then used to access LastPass customer data. Exposed information includes customer names, phone numbers, email addresses, physical addresses, support case information, and sales/CRM-related data. LastPass stated that its core products, services, and infrastructure, including customer vaults, were not affected by this incident. The Icarus extortion group claimed responsibility for the Klue attack.

HospecsJun 2, 2026

Same sectorSame action patternSame impact area

Data Breach Hits Over 100 Dutch Hotels via Shared Booking Software

Hospecs, a Dutch hospitality services firm, confirmed a data breach affecting at least 100 Dutch hotels, with reports also coming from Belgium and Ireland. The breach exposed guests' contact details and reservation information, which criminals are using for phishing attacks.

EuropaMar 24, 2026

Same sectorSame action patternSame impact area

European Commission Confirms Cloud Data Breach Affecting Europa.eu Platform

The European Commission confirmed a cyber incident on March 27, 2026, after discovering a cyberattack on March 24, 2026, that affected parts of the public cloud infrastructure supporting the Europa.eu platform. The ShinyHunters extortion group claimed responsibility, alleging theft of over 350GB of data, including mail-server dumps, databases, confidential documents, and contracts. The Commission stated its internal systems were not affected, but data was taken from the public-facing websites.

OracleMar 21, 2025

Same sectorSame action patternSame impact area

Oracle Cloud Authentication Data Breach by 'rose87168'

A threat actor identified as 'rose87168' claimed to have breached Oracle Cloud's federated Single Sign-On (SSO) login servers and exfiltrated approximately 6 million records, impacting over 140,000 tenants. The stolen data reportedly includes Java Key Store (JKS) files, encrypted SSO and LDAP passwords, and Enterprise Manager JPS keys. While Oracle initially denied a breach of its main Oracle Cloud Infrastructure (OCI) platform, it acknowledged a security incident involving two obsolete servers where usernames were accessed. Cybersecurity firms and independent researchers confirmed the validity of some data samples shared by the threat actor. The attacker was active since January 2025 and sought assistance to decrypt stolen data, demanding payments to prevent further exposure. CISA issued guidance on credential risks associated with a potential legacy Oracle cloud compromise.

TweakersJun 19, 2026

Same action patternSame impact area

Paywall Bypass Vulnerability

Tweakers.net has identified a vulnerability that allows for the bypass of its paywall. This issue is listed as a 'Known issue' within their bug bounty program, indicating that the company is aware of the flaw and is seeking ethical hackers to report findings related to it. A successful bypass could allow unauthorized access to premium content.

OracleJun 19, 2026

Same action patternSame impact area

Oracle Affected by FortiBleed Campaign

Oracle was identified as one of over 22,000 corporate domains affected by the FortiBleed campaign. A Russian-speaking criminal group compromised Fortinet firewall and VPN devices globally, exfiltrating credentials and potentially gaining full network access.