Cherry Health, a Grand Rapids, Michigan-based health care provider, is working through a systemwide technology outage that has disrupted its phone system, raising questions about a possible cybersecurity incident.
Cherry Health said it is “currently experiencing technology issues across Cherry Health, including our phone system,” while clinics remain open for scheduled visits. The organization has not publicly confirmed ransomware or said whether patient data was affected.
Cherry Health’s public notice describes organizationwide technology issues, including its phone system, rather than an isolated outage. The scope is similar to other health care outages later identified as cyber incidents, though Cherry Health has not publicly described the cause.
A person who works at Cherry Health said the organization is experiencing another ransomware attack, speaking on condition of anonymity because they were not authorized to discuss the outage. DysruptionHub could not independently confirm the claim, and Cherry Health has not publicly described the cause.
The current outage comes after Cherry Health’s legal entity reported a ransomware incident in late 2023. A Maine attorney general filing said the Dec. 21 breach affected 184,372 people and was discovered three days later.
The Record reported in April 2024 that the 2023 incident exposed personal data, including financial information, but that Cherry Health did not name a ransomware group.
Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.
Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.
Cherry Health is a Grand Rapids-based community health provider that offers primary care, dental, behavioral health, vision, pharmacy and other services at more than 20 locations across several counties.
The organization says it serves more than 70,000 patients a year regardless of insurance status or ability to pay. It has said scheduled visits are continuing, but has not detailed whether patient portals, medical records, billing, prescriptions or referrals are affected.
The possible cyberattack comes during a spring wave of health care disruptions, including incidents at Mile Bluff Medical Center in Wisconsin, Minidoka Memorial Hospital in Idaho, Signature Healthcare in Massachusetts and Gritman Medical Center clinics in Idaho. Providers in those cases reported outages affecting phones, computer systems, imaging access, ambulance routing or paper-record workflows while care continued.
It also follows other recent disruptions in the Grand Rapids area. Kent District Library said ransomware closed some branches in April, and Goodwill of Greater Grand Rapids was tied in March to an Interlock ransomware claim after point-of-sale problems forced stores to accept cash-only purchases. No connection among the incidents has been reported.
Cherry Health has not said what caused the outage, when full service will be restored or whether patient data was exposed. Those answers will determine whether the incident remains an operational disruption or becomes the organization’s second major cyber event in less than two years.
