Michigan Health System Cherry Health Reports Patient Data Breach

On April 19, 2025, Cherry Health, a healthcare organization in Michigan, found suspicious activity on its computer network. After investigating, they discovered that an unknown person gained access to their systems and copied patient data. The organization posted a preliminary notice about the incident on June

18. If you are a patient at Cherry Health or have received services there, your personal and medical information may have been accessed by the hackers. The notice does not yet specify exactly what types of information were taken, but healthcare breaches often include names, addresses, birth dates, Social Security numbers, medical record numbers, and health information. Cherry Health should send individual notification letters to affected patients with more details. Here is what you should do right now:
19. Contact Cherry Health directly at their official phone number to ask if your information was affected. Do not call numbers from unexpected emails or texts.
20. Watch your mail carefully for an official notification letter that should explain what specific information was exposed.
21. Monitor your medical records and insurance explanation of benefits statements for any services you did not receive.
22. Check your credit reports at annualcreditreport.com for free to look for any accounts you did not open.
23. Be alert for phishing emails or phone calls pretending to be from Cherry Health. Scammers often target breach victims. Going forward, ask all your healthcare providers how they protect patient data and what they will do to notify you if a breach occurs. Keep copies of your medical records and review them regularly for accuracy. Set up online accounts with your health insurance company and providers so you can monitor activity. If you receive medical bills for services you did not get, report them immediately to both the provider and your insurance company.