We are investigating a data breach that led to unauthorized access to the sensitive information of 1.4 million individuals affiliated with Xsolis, a Tennessee-based provider of AI-powered case and utilization management solutions to healthcare providers.  

On January 20, 2026, an unauthorized third party gained access to a portion of the Xsolis environment through a targeted phishing attack. The intrusion was active until January 22, 2026, when unauthorized access was identified and contained. An investigation confirmed that patient data had been exposed and may have been copied. The following data may have been compromised in the breach: names, dates of birth, Social Security numbers, health insurance information, and medical treatment information. 

If your personal information was impacted by this incident, you may be at risk of identity theft and other serious violations of your privacy. As a result, you may be entitled to money damages and an injunction requiring changes to Xsolis’s cybersecurity practices. 

If you received notification of this data breach or are affiliated with Xsolis and wish to obtain additional information about your legal rights, please fill out the form below.