XSOLIS , Inc. is a healthcare business associate that focuses on utilization and case management services using AI and automation. On June 19, they notified clients' patients about a data breach due to a phishing attack on January 22, 2026. Although unauthorized access was identified and contained, personal data linked to names, addresses, birth dates, health insurance details, Social Security numbers, and medical treatments was potentially exposed.
Affected individuals are being offered 12 months of identity monitoring services. Xsolis has implemented enhanced security measures following the incident and reported that 1,396,519 patients were impacted, with specific clients like Rochester Regional Health and Mayo Clinic noted as affected. No criminal group has claimed responsibility for the attack.