Free Case Reviews | No Fee Unless We Recover For You

Cerner Corporation Data Breach

July 8, 2026

NOTICE: If you received a NOTICE OF DATA BREACH letter from Cerner Corporation, contact Emery | Reddy, PC at 206.207.8929 for a Free Case Review.

On or about March 7, 2025, Cerner Corporation (“Cerner”) became aware of suspicious activity involving its computer systems. According to the Notice of Data Event, Cerner promptly took steps to secure its network, initiated an internal investigation, and engaged third-party forensic specialists to determine what occurred.

Following the initial investigation, Cerner confirmed on March 7, 2025, that certain patient information may have been impacted. The forensic review later determined that files were accessed or taken without authorization between January 22, 2025, and March 7, 2025. Because of the complexity and volume of data involved, it was not until July 25, 2025, that Cerner identified the individuals whose information may have been affected and determined there was sufficient information to issue direct notification letters.

After identifying the affected files, Cerner worked to resecure its network environment and strengthen its overall security posture. The company reported that it enhanced system safeguards and took additional measures designed to reduce the risk of similar incidents in the future.

Cerner Corporation is a healthcare technology company that provides electronic health record (EHR) software and related services to healthcare providers. As a business associate under HIPAA, Cerner supports hospitals and clinics in managing patient records and other critical healthcare data.

Cerner also stated that, at the time of notification, it had not received reports of identity theft or fraud resulting from the incident. However, the investigation confirmed that unauthorized access to certain data may have occurred.

Individuals whose information may have been involved began receiving written notification letters starting in July 2025. If you received a Notice of Data Event from Cerner Corporation, it confirms that your personal and/or health information may have been impacted by this security incident.

As part of its response, Cerner is offering affected individuals complimentary credit monitoring and identity restoration services through Experian IdentityWorks for 24 months, provided individuals enroll by the stated deadline in their notification letter.

What information is involved in the Cerner Corporation Data Breach?

Compromised information may include:

First Name

Last Name

Social Security Number

Medical Record Number

Physician Information

Diagnoses and Treatment Information

Medications

Test Results and Medical Images

Other Personally Identifiable Information (PII)

The specific data elements involved vary by individual and are detailed in each notification letter sent by Cerner Corporation.

Your Personally Identifiable Information (PII) includes information that can be used to identify you, such as your name and other personal details. Organizations that manage healthcare data are legally required to safeguard this information. When PII is exposed in a data breach, it can potentially be used by cybercriminals to commit identity theft, financial fraud, or other forms of misuse.

Much of the information involved in this incident may also qualify as Protected Health Information (PHI). PHI includes medical or healthcare-related data protected under federal and state privacy laws. When PHI is compromised, it can be misused for medical identity theft, insurance fraud, or other improper purposes—often in combination with other personal information.

If your information was involved in this incident, it is important to remain vigilant. Impacted individuals are encouraged to carefully review medical bills, insurance statements, and financial account activity for any suspicious or unfamiliar charges. Cerner Corporation also advises reviewing the guidance provided with the notification letter, including steps related to credit monitoring, fraud alerts, credit freezes, and identity restoration services.

Patients and consumers may have legal rights when companies that manage healthcare information fail to adequately safeguard sensitive personal and medical data. These rights vary by state and may depend on the nature of the information exposed and the circumstances surrounding the breach.

If you received a Notice of Data Event / Notice of Data Breach related to the Cerner Corporation incident, your personal and potentially health-related information may be at risk.

Contact the Data Breach Attorneys at Emery | Reddy today for a Free Case Review.

Join the Data Breach Lawsuit

Learn more about your rights to
potential compensation.

Name(Required)
This field is hidden when viewing the form
Upload your files here:
Drop files here or
Max. file size: 256 MB.
    Max. file size: 256 MB.

    Prefer to speak with someone now?

    Call us at ⁨(206) 973-5298 for a Free Case Review.

    NOTICE: If you received a NOTICE OF DATA BREACH letter from Cerner Corporation, contact Emery | Reddy, PC at 206.207.8929 for a Free Case Review.

    We Are
    Taking a Break!

    We will be closed:

    December 22 – 26

    We will reopen:

    December 29

    Please leave us a voicemail or submit your contact form and an experienced Intake Specialist will return your call when we reopen. Happy holidays!