RXNT Data Breach: Sensitive Personal Information Exposed

RXNT, a healthcare software company formally known as Networking Technology Inc., reported a data breach that exposed patient information stored within its electronic health records platform.

According to the HIPAA Journal, the company sent notification letters to affected healthcare organizations dated May 1, 2026. RXNT also established a dedicated notification website where affected healthcare providers can register and receive further information about the incident.

An unauthorized actor gained access to an RXNT solution used by some of its healthcare customers between March 1, 2026, and March 3, 2026. During that three-day window, the intruder obtained a copy of the data stored within the system.

A review of the affected data took place between March 3, 2026, and April 17, 2026, to determine exactly which types of information had been taken. The review confirmed that the exposed information included patient names, dates of birth and demographic information such as addresses, contact information and patient IDs.

Because RXNT's platform stores patient records on behalf of healthcare organizations, each affected client was told how many of its patients were involved. At this time, the total number of affected individuals across all clients has not yet been made public.

RXNT's response to the breach

RXNT offered to take on all breach reporting responsibilities on behalf of its affected clients. These responsibilities include filings with the U.S. Department of Health and Human Services Office for Civil Rights, media notices, individual notifications to affected patients and reports to state attorneys general.

Affected healthcare providers were given until May 15, 2026, to respond and register to receive further information about the cybersecurity incident.

Because RXNT is a software vendor rather than a direct healthcare provider, individual patient notifications are expected to come either from the healthcare organizations themselves or from RXNT acting on their behalf.

Steps to take if your information was exposed

• Watch for a notification from your healthcare provider. Because RXNT is a software vendor, affected patients should expect to receive breach notifications from their doctor's office, hospital or clinic, or from RXNT acting on the provider's behalf.
• Monitor your credit reports. Request free copies of credit reports at AnnualCreditReport.com and review them for any unfamiliar accounts or activity, since names, dates of birth and addresses can be used in identity theft.
• Be cautious of phishing attempts. Watch for suspicious emails, phone calls or text messages that reference RXNT or this data breach by name, as scammers often exploit real breach events to trick people into sharing additional personal information.
• Review your mail and financial accounts. Because dates of birth and home addresses were among the exposed data, stay alert for signs of identity misuse such as unexpected mail, unfamiliar charges or accounts you did not open.
• Consider placing a fraud alert. Contact one of the three major credit bureaus (Equifax at 1-800-525-6285, Experian at 1-888-397-3742 or TransUnion at 1-800-680-7289) to place a fraud alert, which requires creditors to verify identity before opening new accounts.
• Report suspected identity theft. If there are any signs that personal information is being misused, file a report with the Federal Trade Commission at IdentityTheft.gov and contact local law enforcement.