Xsolis Data Breach Affects 1.4 Million Individuals

Threat actors gained access to personal and protected health information that Xsolis received from its clients. The post Xsolis Data Breach Affects 1.4 Million Individuals appeared first on SecurityWeek .

SecurityWeek reports that healthcare technology firm Xsolis, which provides AI-driven case and utilization management services, disclosed a breach where threat actors accessed files containing personal and protected health information for approximately 1.4 million individuals, including names, dates of birth, addresses, Social Security numbers, health insurance details, and medical treatment information.[1][4] The incident originated from a targeted phishing attack that compromised a limited portion of Xsolis’ technology environment and impacted multiple healthcare clients as a third-party vendor.[4][5][6] From a CyberSE.AI perspective, this highlights how AI-enabled healthcare platforms and their data pipelines are an attractive target and a critical concentration point for PHI, making vendor-centric controls, email and identity security, and rigorous third-party AI supply chain risk management essential. Organizations integrating such AI healthcare services should conduct formal AI security readiness assessments, define governance and incident response expectations for vendors, and require transparent security posture and SBOM-style visibility into third-party AI systems to reduc