LifePoint Health; Southwest Behavioral & Health Services; Nottingham Village Report Data Breaches
Data breaches have been announced by Lifepoint Health, Southwest Behavioral & Health Services, and Nottingham Village. Lifepoint Health Lifepoint Health Inc., a healthcare delivery network that operates more than 60 hospital campuses in 28 U.S. states, more than 30 rehabilitation and behavioral health hospitals, and over 170 acute rehabilitation units, discovered unauthorized activity within its network on February 23, 2026. The forensic investigation traced the activity to a compromised user account. Assisted by third-party cybersecurity experts, Lifepoint Health determined that an unauthorized third party gained limited access to certain internal databases on February 22, 2026. The incident was fully contained within 24 hours. Lifepoint Health determined that the data breach was limited in scope and was restricted to employees of contracted vendors. Direct employees of the company and patients were not affected. The affected employees had their names, addresses, phone numbers, dates of birth, and Social Security numbers compromised in the incident. Notification letters were...
Xsolis Data Breach Affects 1.4M Individuals
Xsolis, a business associate of HIPAA-covered entities that provides AI-powered solutions for improving case and utilization management to achieve more efficient outcomes, has experienced a major data breach as a result of a phishing attack. According to the data breach notification filed with the California Attorney General, unauthorized activity was identified within the Xsolis environment on January 22, 2026, as a result of a targeted phishing attack. The incident has been contained, unauthorized access has been terminated, no evidence has been found of unauthorized access since January 22, 2026, and Xsolis has found no evidence to suggest any of the exposed data has been misused. An investigation was launched to determine the nature and scope of the unauthorized activity, which confirmed that patient data had been exposed and may have been copied. Xsolis engaged digital specialists to review the affected data, and that process has now been completed. Xsolis is notifying the affected individuals and has offered them complementary credit monitoring and identity theft protection...
Blue Fish Pediatrics Data Breach Affects More Than 62,000 Texas Patients
Blue Fish Pediatrics in Texas has announced a July 2025 cyberattack that affected more than 62,000 patients. Data breaches have also been announced by Cherry Health in Michigan, Coastal Carolina Centers of Urology and Surgery in South Carolina, and Regence in Oregon. Blue Fish Pediatrics, Texas Blue Fish Pediatrics, a Houston, Texas-based network of pediatric medical practices, has notified the Texas Attorney General about a cybersecurity incident last year that exposed the personal and protected health information of its patients. In a substitute breach notice on its website, Blue Fish Pediatrics explained that unauthorized access to its IT systems was identified on or around July 17, 2025. After securing its systems, an investigation was conducted to determine the nature and scope of the unauthorized activity. The forensic investigation confirmed that a threat actor had access to a limited number of files between July 11, 2025, and July 17, 2025. Some of those files contained personally identifiable information and protected health information and may have been acquired in the...
VA OIG Identifies Lack of Oversight of VA GenAI Chat Tools
A review of the use of generative artificial intelligence (GenAI) tools by Department of Veterans Affairs (VA) staff has identified potential patient safety risks from a lack of safeguards and oversight. The review was conducted by the VA Office of Inspector General (OIG) between October 2025 and January 2026 and found that more than 15,000 VA staff members were using general-purpose GenAI chat tools authorized for use by the Veterans Health Administration (VHA) – VA GPT and Microsoft 365 Copilot Chat. The reviewers identified broad staff engagement with the AI chat tools. An analysis of an internal prompt‑sharing application identified 135 prompts for the GenAI chat tools, 79 of which were clinical. The drafting of clinical notes and summarization of patient care were among the most common uses of the tools. The VA OIG notes that the tools were not specifically developed for clinical use, and while the VA provides clinical users with general training and resources, the VA does not centrally curate or evaluate prompts or the generative output, which may be applied to clinical...
ShinyHunters Data Extortion Group Threatens to Leak 8.8 TB of Stolen One Medical Data
One Medical, the Amazon-owned primary care provider, has recently announced a cybersecurity incident in which an unauthorized third party gained access to a third-party file storage system containing archived information for One Medical Seniors patients. Last week, the ShinyHunters threat group added One Medical to its dark web data leak site and claimed to have exfiltrated 8.8 terabytes of data. According to the One Medical website data breach notice, the unauthorized access was identified on June 13, 2026, and was limited to the file storage system, which contained legacy data of One Medical Seniors patients. One Medical Seniors is the new name for Iora Health, which One Medical acquired in 2021. When the breach was discovered, the affected system was immediately secured, and all access was revoked. An investigation was launched to determine the nature and scope of the unauthorized activity, which confirmed that the file storage system was accessed by an unauthorized third party between June 8 and June 11, 2026. While it has only been a few days since the breach was discovered,...



