Avosina Data Breach Impacts SomnoSleep Patients

Avosina Healthcare Solutions, a physician-owned company specializing in revenue cycle management and healthcare IT services, experienced a significant data breach in late July 2025, potentially exposing personally identifiable information (PII) and protected health information (PHI) of current and former patients of SomnoSleep Consultants, LLC.

On July 29, 2025, Avosina discovered that parts of its computer system had been compromised by an unknown threat actor. The incident was identified as a ransomware attack claimed by the Qilin group, who posted about the breach on the Tor network on Aug. 7, 2025.

Information exposed in this incident included patient names, addresses, medical information and health insurance information. The exposure of these types of sensitive data puts current and former patients at risk of identity theft and medical fraud.

The breach primarily impacted patients from SomnoSleep Consultants, a client of Avosina. Those affected were notified directly in writing. SomnoSleep Consultants has also posted a notice of data privacy event on its website.

Avosina Healthcare Solutions's response

In response to the breach, Avosina took immediate action to restore affected services using backups and engaged investigators and security firms to determine the scope of the incident. The company reported the matter to relevant authorities and took steps to fortify its network security.

If you receive notification from Avosina Healthcare Solutions or SomnoSleep about this breach, you may want to:

• Sign up for the free identity theft protection services, if offered.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.