Michigan Attorney General Dana Nessel has reissued a consumer alert concerning data breaches, urging state residents to take preventive action following a 2025 cyber incident impacting Munson Healthcare patients. According to a press release, the Traverse City-based healthcare system experienced unauthorized access via their third-party electronic health record vendor, Cerner, leading to the exposure of sensitive patient data, including Social Security numbers and medical information.
According to the Michigan Department of Attorney General, Munson Healthcare has begun the process of informing affected patients by mail about the breach and is offering two years of free credit monitoring through Experian. "Because Michigan law does not currently require companies to immediately notify my office when a data breach occurs, we often don’t know who was impacted or when until well after a concerning cyber incident," Nessel said. With the exact number of affected individuals unknown, consumers seeking additional support can contact Munson Healthcare at 833-931-5700.
Attorney General Nessel’s push for stricter Michigan laws requiring immediate notification to her office after a data breach has advanced with the passage of Senate Bills 360–364. The bills, aimed at strengthening protections against breaches and identity theft, are now under review by the Michigan House. Nessel urges anyone notified of a compromise to their personal information to use the available credit monitoring resources.
With identity theft and fraud on the rise after data breaches, consumers are urged to stay vigilant. They should watch for phishing attempts, update passwords, limit data retention, use multifactor authentication, and review their credit reports weekly for free from Equifax, Experian, and TransUnion. Nessel also recommends placing a credit freeze if Social Security numbers are compromised to prevent unauthorized financial activity.
Michigan residents concerned about misuse of their medical information should watch for warning signs, such as bills for services they didn’t receive or calls from debt collectors about unfamiliar medical debts. Those who notice these signs should check which personal information may be compromised, contact their financial institutions, and consider freezing their credit. Filing a report with the Federal Trade Commission or local police is also recommended.
The Michigan Identity Theft Support System (MITS) helps residents navigate the restitution process. Those who still need assistance can complete the MITS Request for Identity Theft Assistance form.
Those looking to file a complaint with the Attorney General or require additional information can connect with the Consumer Protection Team at 517-335-7599 or toll-free at 877-765-8388, or by mail at P.O. Box 30213, Lansing, MI 48909. Reports can also be submitted online via the Attorney General's dedicated complaint form.
