Congress Learns of Prescription Data Hack Months Later

RXNT, a healthcare software vendor used by the Office of the Attending Physician to manage congressional prescription services, was breached on March 1 and March 3; attackers obtained patient records including names, birth dates, home addresses, prescription information, physician names, and pharmacy details. The contractor notified the government on the final day allowed under federal health privacy law, and OAP stated that broader medical records, Social Security numbers, insurance, and financial data were not affected.