Munson Healthcare Faces Investigation After Data Breach Exposes Over 100,000 Patient Records

Schubert Jonckheer & Kolbe LLP is investigating the incident that may have violated state and federal laws.

Jan. 29, 2026 at 9:31pm by Ben Kaplan

Munson Healthcare, the largest health system in Northern Michigan, is under investigation after a data breach exposed the sensitive personal and medical information of over 100,000 patients. The breach, which occurred in January 2025 but was not disclosed to impacted individuals until January 2026, may have violated state and federal laws. The investigation is being conducted by Schubert Jonckheer & Kolbe LLP, a San Francisco-based law firm that represents shareholders, employees, and consumers in class actions.

Why it matters

Data breaches that expose sensitive patient information can have serious consequences, including identity theft and other privacy violations. This incident raises concerns about Munson Healthcare's cybersecurity practices and its compliance with laws governing the protection of patient data and the timely notification of affected patients.

The details

According to the investigation, an unauthorized third party gained access to personal health information on legacy Cerner electronic health record systems used by Munson Healthcare. The breach potentially compromised a range of sensitive data, including patient names, Social Security numbers, medical record numbers, doctors, diagnoses, medicines, test results, images, and care and treatment details.

  • The data breach occurred on or around January 22, 2025.
  • Munson Healthcare did not notify impacted individuals until on or around January 26, 2026.

The players

Munson Healthcare

The largest health system in Northern Michigan, which utilizes Cerner electronic health record systems and was the victim of the data breach.

Schubert Jonckheer & Kolbe LLP

A San Francisco-based law firm that is investigating the data breach and representing patients who may have been impacted.

Cerner

The electronic health record system provider, now owned by Oracle Health, whose legacy servers were breached, leading to the exposure of patient data.

What’s next

The investigation by Schubert Jonckheer & Kolbe LLP is ongoing, and the law firm is encouraging patients who may have been impacted by the data breach to contact them for more information.

The takeaway

This data breach highlights the importance of robust cybersecurity measures and timely notification to patients when their sensitive information is compromised. It also underscores the need for healthcare providers to prioritize the protection of patient data and ensure compliance with relevant laws and regulations.