Industry stats Updated Jun 2026All domains worldwide 392.5M registered names +6.5% YoY Verisign · Q1 2026.com + .net total 176.1M names in zone Verisign · Q1 2026.com + .net 11.5M newly registered · 76.3% renewed Verisign · Q1 2026Country-code TLDs 146.3M names +2.4% YoY Verisign · Q1 2026New gTLDs 49.6M names · 30.9% renewed +3.7% QoQ Verisign · Q1 2026Legacy gTLDs 20.5M names · 67.6% renewed +14.6% YoY Verisign · Q1 2026WordPress 41.5% of all sites · 59.3% of CMS sites W3Techs · 17 Jun 2026Shopify 5.2% of all sites · 7.5% of CMS sites W3Techs · 17 Jun 2026Wix 4.3% of all sites · 6.1% of CMS sites W3Techs · 17 Jun 2026Squarespace 2.5% of all sites · 3.5% of CMS sites W3Techs · 17 Jun 2026Joomla 1.2% of all sites · 1.7% of CMS sites W3Techs · 17 Jun 2026Webflow 0.9% of all sites · 1.2% of CMS sites W3Techs · 17 Jun 2026Drupal 0.7% of all sites · 1% of CMS sites W3Techs · 17 Jun 2026No CMS detected 30% of all sites W3Techs · 17 Jun 2026Nginx on 33%–39% of sites W3Techs · Mar–Apr 2026Apache on 24%–29% of sites W3Techs · Mar–Apr 2026LiteSpeed gaining share among web servers W3Techs · Mar–Apr 2026DMARC adoption 937.9K valid records +79% in 3 yrs EasyDMARC · 2026 YTDFortune 500 95% publish DMARC · 80% enforced EasyDMARCFortune 500 62.7% use strict reject policy EasyDMARCInc. 5000 15.2% use strict reject policy EasyDMARCDeal CVC Capital Partners → Namecheap · CVC Capital Partners acquired a majority stake in Namecheap in September 2025, valuing the company at ~$1.5B (including debt). 2025Deal team.blue (Hg-backed) → Loopia Group · team.blue (Hg-backed) acquired Loopia Group (Nordics) in 2025. 2025Deal Miss Group (Perwyn-backed) → Web4U s.r.o. · Perwyn-backed Miss Group acquired Web4U s.r.o. (Prague-based web hosting and domain registration provider) in 2025. This is Miss Group’s 14th acquisition under Perwyn ownership. 2025Deal group.one → Webglobe · group.one acquired Webglobe (Slovakia/Czechia/Serbia) in 2025. 2025Deal hosting.com → FastComet, A2 Hosting · hosting.com (formerly World Host Group) acquired FastComet in April 2025 and A2 Hosting in January 2025, rebranding A2 Hosting under the hosting.com name. 2025Industry stats Updated Jun 2026All domains worldwide 392.5M registered names +6.5% YoY Verisign · Q1 2026.com + .net total 176.1M names in zone Verisign · Q1 2026.com + .net 11.5M newly registered · 76.3% renewed Verisign · Q1 2026Country-code TLDs 146.3M names +2.4% YoY Verisign · Q1 2026New gTLDs 49.6M names · 30.9% renewed +3.7% QoQ Verisign · Q1 2026Legacy gTLDs 20.5M names · 67.6% renewed +14.6% YoY Verisign · Q1 2026WordPress 41.5% of all sites · 59.3% of CMS sites W3Techs · 17 Jun 2026Shopify 5.2% of all sites · 7.5% of CMS sites W3Techs · 17 Jun 2026Wix 4.3% of all sites · 6.1% of CMS sites W3Techs · 17 Jun 2026Squarespace 2.5% of all sites · 3.5% of CMS sites W3Techs · 17 Jun 2026Joomla 1.2% of all sites · 1.7% of CMS sites W3Techs · 17 Jun 2026Webflow 0.9% of all sites · 1.2% of CMS sites W3Techs · 17 Jun 2026Drupal 0.7% of all sites · 1% of CMS sites W3Techs · 17 Jun 2026No CMS detected 30% of all sites W3Techs · 17 Jun 2026Nginx on 33%–39% of sites W3Techs · Mar–Apr 2026Apache on 24%–29% of sites W3Techs · Mar–Apr 2026LiteSpeed gaining share among web servers W3Techs · Mar–Apr 2026DMARC adoption 937.9K valid records +79% in 3 yrs EasyDMARC · 2026 YTDFortune 500 95% publish DMARC · 80% enforced EasyDMARCFortune 500 62.7% use strict reject policy EasyDMARCInc. 5000 15.2% use strict reject policy EasyDMARCDeal CVC Capital Partners → Namecheap · CVC Capital Partners acquired a majority stake in Namecheap in September 2025, valuing the company at ~$1.5B (including debt). 2025Deal team.blue (Hg-backed) → Loopia Group · team.blue (Hg-backed) acquired Loopia Group (Nordics) in 2025. 2025Deal Miss Group (Perwyn-backed) → Web4U s.r.o. · Perwyn-backed Miss Group acquired Web4U s.r.o. (Prague-based web hosting and domain registration provider) in 2025. This is Miss Group’s 14th acquisition under Perwyn ownership. 2025Deal group.one → Webglobe · group.one acquired Webglobe (Slovakia/Czechia/Serbia) in 2025. 2025Deal hosting.com → FastComet, A2 Hosting · hosting.com (formerly World Host Group) acquired FastComet in April 2025 and A2 Hosting in January 2025, rebranding A2 Hosting under the hosting.com name. 2025
Security Incidents & Breaches

Xsolis health data breach exposes 1.4M records via phishing

AI-driven healthcare analytics firm Xsolis reports a January phishing attack compromised sensitive data of nearly 1.4 million individuals.

Automated desk — Security Published 23 Jun 2026 · 21:08 UTC
3 MIN READ
Xsolis health data breach exposes 1.4M records via phishing
Ed Hardie · Unsplash

Healthcare analytics provider Xsolis has confirmed a data breach that exposed sensitive information of nearly 1.4 million individuals following a phishing attack earlier this year. The incident highlights ongoing vulnerabilities in healthtech platforms that handle both clinical and insurance data at scale.

What happened

On January 20, 2026, attackers successfully executed a targeted phishing attack against Xsolis, a company specializing in AI-powered software for hospitals and health insurers. The unauthorized network access was detected two days later, on January 22, prompting an immediate containment response and an investigation supported by external cybersecurity experts.

The investigation revealed that attackers accessed files containing personal and medical information. Exposed data includes names, home addresses, dates of birth, health insurance details, Social Security numbers, and medical treatment records. According to filings with the U.S. Department of Health and Human Services, the breach impacts 1,396,519 individuals.

Xsolis has reported the incident to law enforcement and is notifying affected individuals by mail. Those whose data was compromised will receive instructions to enroll in a 12-month identity monitoring and restoration service provided by Kroll. For minors affected by the breach, notifications are being sent to parents or legal guardians.

Security response and measures

Following the breach, Xsolis implemented several security enhancements. The company reset passwords for all user and key system accounts, increased system monitoring, and completed the rollout of updated security protocols. Employee security training programs have been accelerated, and credential management processes have been strengthened to reduce the risk of future phishing attacks.

Key facts
  • Breach date: January 20, 2026
  • Detection date: January 22, 2026
  • Records exposed: 1,396,519
  • Data types: Names, addresses, SSNs, medical treatment details
  • Notification method: Mail, with identity monitoring offered

Industry context and implications

Xsolis develops the Dragonfly platform, which processes real-time clinical data to assist healthcare providers and insurers in making decisions about patient care and insurance coverage. The platform is used by more than 600 hospitals and health insurers across the U.S., making it a high-value target for attackers seeking large volumes of sensitive health and personal data.

The breach underscores the persistent threat of phishing attacks in the healthcare sector, where the combination of valuable data and complex, interconnected systems creates significant risk. While Xsolis has not detected any misuse of the exposed information, the incident serves as a reminder for organizations to continuously test and update their security measures, particularly in areas like employee training and credential management.

ai in healthcare cybersecurity response data breach healthcare data identity theft phishing attacks

Related coverage

More from Security →

Discussion · coming soon

Be the first to join the thread when community discussion launches.