ClosedLow impactAI Refreshed

Xsolis Data Breach Triggers Class Action Investigation

Occurred 20 Jan 2026·Detected 23 Jun 2026·
🇺🇸 United States, with Xsolis operations in California and Pennsylvania2 reportsEnded 1 Jul 2026
CyberCyberCasualty & Liability

Xsolis, Inc., a US healthcare-IT vendor serving over 600 hospitals and insurers, disclosed a targeted phishing attack on 20 January 2026 (detected 22 January 2026) that exposed personal and medical data of approximately 1.4 million individuals, including names, addresses, dates of birth, health insurance details, Social Security numbers, and medical treatment information. Plaintiff firm Edelson Lechtzin LLP has opened a consumer class action investigation, but no regulatory filing, carrier disclosure, or loss estimate is yet available.

AI-generated from linked source reports. See our correction policy.

Impact verdict

Low impact. The event sits at the developing lifecycle stage on the basis of a corroborating trade-media report (BleepingComputer) that confirms the attack vector (phishing), the breach timeline (attack 20 Jan, detected 22 Jan 2026), and a more credible affected count (~1.4M) than the earlier unverified GKG extraction (~4M). Inclusion of SSN plus health insurance and medical treatment data elevates HIPAA-adjacent notification exposure and consumer class action potential, with downstream hospital and insurer client aggregation risk. No loss estimate, regulatory notification, or carrier disclosure is yet in evidence, keeping insured severity at low.

View assessment methodology

Premium discovery tier

Unlock analyst briefs, intelligence depth, and the revision timeline

Public pages show event facts and a short lead-in. Premium accounts unlock analyst briefs, deeper intelligence, loss context, and the full revision history for this event.

Start two-week trial

Geographic Zone Matches

3 active matches

  • TRIA Certified Areas
    Rule-basedConfidence 100%
  • Pacific Ring of Fire
    Rule-basedConfidence 100%
  • Caribbean Hurricane Zone
    Rule-basedConfidence 100%

Geographic zone matches are RiskEvents spatial/analytical indicators, not coverage determinations or Lloyd's official classifications.

Affected countries

🇺🇸 United States

Lloyd's classifications

Tracking this kind of risk? Get an email when Cyber events escalate.

Get alerts