Avosina Healthcare Solutions

Avosina Healthcare Solutions, a physician-owned company specializing in revenue cycle management and healthcare IT services, suffered a **ransomware attack** in late July 2025, orchestrated by the **Qilin group**. The breach compromised parts of its computer systems, leading to the exposure of **personally identifiable information (PII) and protected health information (PHI)** of current and former patients of its client, **SomnoSleep Consultants, LLC**.The exposed data included **patient names, addresses, medical records, and health insurance details**, placing affected individuals at high risk of **identity theft and medical fraud**. The incident was discovered on **July 29, 2025**, with the threat actors publicly claiming responsibility on the **Tor network on August 7, 2025**. Avosina responded by restoring services from backups, engaging cybersecurity firms, and notifying affected patients and authorities. The breach’s severity stems from the **sensitive nature of the leaked healthcare data**, the involvement of ransomware, and the potential for long-term harm to patients’ financial and medical security.

Source: https://www.claimdepot.com/data-breach/avosina-2025

TPRM report: https://www.rankiteo.com/company/avosina-healthcare-solutions

"id": "avo2420924112525",
"linkid": "avosina-healthcare-solutions",
"type": "Ransomware",
"date": "7/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'Avosina Healthcare Solutions',
                        'type': 'Healthcare IT and Revenue Cycle Management'},
                       {'customers_affected': 'Current and former patients '
                                              '(exact number unspecified)',
                        'industry': 'Healthcare',
                        'name': 'SomnoSleep Consultants, LLC',
                        'type': 'Healthcare Provider (Client of Avosina)'}],
 'customer_advisories': ['Direct written notifications',
                         "Public notice on SomnoSleep Consultants' website"],
 'data_breach': {'data_encryption': True,
                 'data_exfiltration': True,
                 'personally_identifiable_information': ['patient names',
                                                         'addresses',
                                                         'medical information',
                                                         'health insurance '
                                                         'information'],
                 'sensitivity_of_data': 'High (includes medical and insurance '
                                        'information)',
                 'type_of_data_compromised': ['personally identifiable '
                                              'information (PII)',
                                              'protected health information '
                                              '(PHI)']},
 'date_detected': '2025-07-29',
 'date_publicly_disclosed': '2025-08-07',
 'description': 'Avosina Healthcare Solutions, a physician-owned company '
                'specializing in revenue cycle management and healthcare IT '
                'services, experienced a significant data breach in late July '
                '2025. The incident was identified as a ransomware attack '
                'claimed by the Qilin group, potentially exposing personally '
                'identifiable information (PII) and protected health '
                'information (PHI) of current and former patients of '
                'SomnoSleep Consultants, LLC.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'exposure of sensitive patient data',
            'data_compromised': ['patient names',
                                 'addresses',
                                 'medical information',
                                 'health insurance information'],
            'identity_theft_risk': 'High (due to exposure of PII and PHI)'},
 'initial_access_broker': {'high_value_targets': ['patient PII and PHI']},
 'investigation_status': 'Ongoing (investigators and security firms engaged)',
 'post_incident_analysis': {'corrective_actions': ['fortified network '
                                                   'security']},
 'ransomware': {'data_encryption': True,
                'data_exfiltration': True,
                'ransomware_strain': 'Qilin'},
 'references': [{'source': 'SomnoSleep Consultants Data Privacy Event Notice'},
                {'date_accessed': '2025-08-07',
                 'source': 'Qilin ransomware group post on Tor network'}],
 'regulatory_compliance': {'regulatory_notifications': 'Relevant authorities '
                                                       'were reported to '
                                                       '(specifics '
                                                       'unspecified)'},
 'response': {'communication_strategy': ['direct written notifications to '
                                         'affected patients',
                                         'public notice on SomnoSleep '
                                         "Consultants' website"],
              'incident_response_plan_activated': True,
              'law_enforcement_notified': True,
              'remediation_measures': ['restored affected services using '
                                       'backups',
                                       'fortified network security'],
              'third_party_assistance': ['investigators', 'security firms']},
 'threat_actor': 'Qilin ransomware group',
 'title': 'Avosina Healthcare Solutions Data Breach and Ransomware Attack '
          '(July 2025)',
 'type': ['data breach', 'ransomware attack']}