Avosina Healthcare Solutions this week confirmed it notified 42,261 people of a July 2025 data breach that compromised names, addresses, medical info, and health insurance info.
Avosina is a medical billing company serving hospitals and other healthcare providers. This breach was previously reported by at least one of Avosina’s clients, SomnoSleep Consultants, which notified patients in December.
Ransomware gang Qilin took credit for the breach in August 2025. To prove its claim, Qilin posted sample images of what it says are documents stolen from Avosina. They include an employee payslip, a medical intake form, a business contract, an invoice, and a medical report.
Avosina has not verified Qilin’s claim. Comparitech cannot independently verify the data. We do not know if Avosina paid a ransom, how much Qilin demanded, or how attackers breached the company’s network. Comparitech contacted Avosina for comment and will update this article if it replies.
“On July 29, 2025, Avosina Healthcare Solutions discovered that certain data within our systems was accessed and compromised by an unknown third party,” says the company’s notice to victims.
“The impacted system was an archived file not part of our active software.”
The breached health data included account balances and medical procedure codes.
Avosina is offering eligible victims free credit monitoring through IDX, including $1 million in identity theft insurance. The deadline to enroll is April 9, 2026.
Who is Qilin?
Qilin is a ransomware gang that began taking credit for attacks on its data leak site in late 2022. Based in Russia, Qilin mainly targets victims through phishing emails to spread its ransomware. It runs a ransomware-as-a-service business in which affiliates pay to use Qilin’s malware to launch attacks and collect ransoms.
Qilin clocked more cyberattacks than any other ransomware gang in 2025. Out of the 1,034 claims made by Qilin, 172 were confirmed by the targeted organizations. Those confirmed attacks compromised nearly 3.5 million records.
10 of Qilin’s confirmed attacks hit healthcare businesses that don’t provide direct care. They include medical research firms Inotiv, which notified 10,482 people of an August 2025 breach, and BioPharma Services Inc, which reported a November 2025 breach.
Qilin has claimed responsibility for 41 attacks so far in 2026, but none have been publicly acknowledged by the targeted organizations yet.
Ransomware attacks on US healthcare businesses
Comparitech researchers logged 23 confirmed ransomware attacks on US healthcare businesses in 2025, compromising 5.8 million records. Those figures include data breaches at medical billing, IT services, research, and pharmaceutical companies, but not direct care providers like hospitals and clinics.
The attack on Avosina was the third-largest such attack in 2025 by number of records compromised. The two largest attacks were:
- Episource notified 5.5 million people about a January 2025 ransomware attack by unknown hackers
- Fieldtex Products notified 274,000 people of an August 2025 data breach claimed by Akira
Ransomware attacks on healthcare businesses can both lock down computer systems and steal data. These attacks often compromise data belonging to the business's clients, such as patient data from hospitals and clinics. They can cripple critical systems and endanger the health, privacy, and security of patients. Targeted companies must pay a ransom or face extended downtime, data loss, and increased risk to patients and staff.
About Avosina Healthcare Solutions
Avosina Healthcare Solutions is a medical billing service based in Lorton, Virginia. It manages billing and IT services for more than 160 medical providers, services more than 30 practices in the Washington, DC metropolitan area, and handles more than $20 million in charges per month, according to Avosina’s website.