AG Nessel is reissuing her consumer alert on data breaches following a recently revealed 2025 cyber incident that compromised information of patients of Munson Healthcare, a Traverse City-based healthcare system serving communities across Northern Michigan. The data breach involved unauthorized access through a third-party electronic health record vendor, Cerner. The incident compromised personal data, including patient names, Social Security numbers, and information included within patient medical records, such as medical record numbers, doctors, diagnoses, medicines, test results, images, care and treatment.   

“Because Michigan law does not currently require companies to immediately notify my office when a data breach occurs, we often don’t know who was impacted or when until well after a concerning cyber incident. These delays put consumers at higher risk of identity theft, and our state needs stronger laws to better protect Michiganders from bad actors. I urge anyone who receives a notice that their personal information may have been compromised to consider taking advantage of the free credit monitoring resources being offered.” – AG Nessel