Cerner Corporation A.I CyberSecurity Scoring
Cerner Corporation
Company Information
Website:https://www.linkedin.com/showcase/oraclehealth/
Employees number:11,164
Number of followers:396,174
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:linkedin.com
Cerner Corporation Risk Score (AI oriented)
Between 0 and 549
Cerner CorporationIT Services and IT Consulting
Updated:
27/06/2026
27/06/2026
466/1000
Critical
C
Cerner Corporation Global Score (TPRM)
xxxx
Cerner CorporationIT Services and IT Consulting
Score locked

Cerner CorporationCritical
Current Score
466C (CRITICAL)
01000
8 incidents
-58.4 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
467
JUNE 2026
521
Breach
23 Jun 2026 • Cerner Corporation
Oracle Health: Oracle Health Stuck With Negligence Claim From Data Breach Suit
Oracle Health Data Breach Class Action Lawsuit
465
CRITICAL-56
ORA1782239736
Oracle Health Faces Negligence Claim in Data Breach Class Action Lawsuit
A federal court in the Western District of Missouri has ruled that plaintiffs have standing to pursue a negligence claim against Oracle Health (formerly Cerner Corp.) in a proposed class action lawsuit over a data breach. Judge Beth Phillips denied Oracle’s motion to dismiss, finding that the company plausibly owed and allegedly breached a duty to protect patient information. The court also determined that the plaintiffs sufficiently demonstrated harm linked to the incident.
The lawsuit stems from a data breach in which hackers accessed sensitive patient data, including Social Security numbers. Oracle Health, a provider of electronic health record systems, had sought to dismiss the negligence claim but failed to convince the court. The ruling allows the case to proceed, marking a significant development in litigation surrounding healthcare data security.
The decision underscores growing legal scrutiny of companies handling sensitive personal information, particularly in the healthcare sector. The outcome of the case could set precedents for future data breach litigation and corporate accountability.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
JUNE 2026
573
Breach
01 Jun 2026 • Cerner Corporation
Cerner and Huntsville Hospital Health System: Huntsville Hospital patients’ data exposed in third-party security breach
Huntsville Hospital Patients’ Data Exposed in Third-Party Security Breach
517
CRITICAL-56
CERHUN1782519895
Huntsville Hospital Patients’ Data Exposed in Third-Party Security Breach
Huntsville Hospital Health System has notified patients that their personal health information was compromised in a security breach at Cerner, a third-party vendor. The incident, disclosed ahead of the U.S. 250th anniversary celebrations, highlights growing risks in healthcare data security.
While details on the scope of the breach remain limited, the exposure underscores vulnerabilities in third-party systems handling sensitive medical records. The FBI has also recently unveiled its Kinetic Cyber Range at Redstone Arsenal, a new facility designed to train agents in combating ransomware and digital evidence threats reflecting heightened federal efforts to address cybersecurity challenges.
In unrelated local developments, a damaged water main near North Alabama Medical Center in Florence has caused ongoing outages along Veterans Drive, while the Better Business Bureau has issued warnings about scams targeting holiday shoppers purchasing America 250 commemorative merchandise. Additionally, an Alabama appeals court reversed the prison sentence of Kevin Michael Bruce in a separate Florence dog-cruelty case.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
MAY 2026
571
APRIL 2026
569
MARCH 2026
566
FEBRUARY 2026
558
JANUARY 2026
611
Breach
21 Jan 2026 • Cerner Corporation
Cerner Corporation and Jupiter Medical Center: Jupiter Medical alerts patients after third party data breach exposes health records
Jupiter Medical Center Third-Party Data Breach Impacting Health Records
556
CRITICAL-55
CERJUP1769037969
Jupiter Medical Center Notifies Patients of Third-Party Data Breach Impacting Health Records
On January 21, 2026, Jupiter Medical Center informed stakeholders about a data security incident involving Cerner Corporation, its third-party electronic health record (EHR) vendor. The breach did not compromise Jupiter Medical’s internal systems but exposed sensitive patient data held by Cerner.
The medical center confirmed that affected individuals are being notified and provided with guidance on protecting their personal information. While details on the scope of the breach remain limited, the incident underscores the risks of third-party vendor vulnerabilities in healthcare cybersecurity. No further specifics on the number of impacted patients or the nature of the exposed data were disclosed at this time.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
DECEMBER 2025
608
NOVEMBER 2025
605
OCTOBER 2025
601
SEPTEMBER 2025
649
Breach
01 Sep 2025 • Cerner Corporation
OSF HealthCare, Cerner and OSF Saint Clare Medical Center: Data breach exposes sensitive patient information across multiple OSF facilities
OSF Healthcare Patient Data Breach via Former Vendor Cerner
594
CRITICAL-55
OSFCEROSF1766606283
Cybersecurity Incident at OSF HealthCare Exposes Patient Data via Former Vendor Cerner
OSF HealthCare disclosed a cybersecurity incident involving its former electronic health record (EHR) vendor, Cerner, which may have exposed sensitive patient information. The breach, detected in September, stemmed from unauthorized access to legacy Cerner systems as early as January 2024. While OSF confirmed the incident did not affect its own systems or hospital operations, it impacted multiple healthcare facilities, though only patients of OSF Saint Clare Medical Center in Princeton were formally notified.
Cerner, which no longer provides services to OSF, identified the breach and launched an investigation, securing the compromised systems and engaging external cybersecurity experts. Law enforcement requested a delay in notifying affected parties to avoid interfering with the probe. OSF began notifying patients in November after Cerner completed a data review, providing a list of individuals whose information may have been accessed.
Exposed data includes patient names, Social Security numbers, medical record details (such as diagnoses, medications, test results, and treatment information), and physician names. As a precaution, OSF and Cerner are offering two years of complimentary credit monitoring and identity restoration services to affected patients. The incident highlights broader vulnerabilities in third-party healthcare IT systems, with Cerner confirming the breach extended beyond OSF facilities.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
AUGUST 2025
717
Breach
01 Aug 2025 • Cerner Corporation
Munson Healthcare: Current Weather
Munson Healthcare Data Breach Exposes Over 100,000 Patients in Northern Michigan
647
CRITICAL-70
MUN1769044954
Munson Healthcare Data Breach Exposes Over 100,000 Patients in Northern Michigan
Munson Healthcare, a major healthcare provider in northern Michigan, has disclosed new details about a data breach that occurred in August 2025, impacting more than 100,000 patients. The incident was revealed during a recent update, with officials confirming that affected individuals are now being notified via mail.
The breach prompted an immediate response from Munson’s security teams, with Chief Legal Officer Rachel Roe stating that data security experts are working around the clock to prevent further unauthorized access. As part of the remediation efforts, impacted patients are being offered free identity theft and credit monitoring services.
The full scope of the exposed data has not been publicly detailed, but the breach underscores ongoing cybersecurity risks in the healthcare sector. Munson Healthcare serves multiple counties in northern Michigan, including Grand Traverse, Emmet, and Wexford, making this incident one of the region’s most significant recent cybersecurity events. Investigations into the cause and extent of the breach remain ongoing.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
JANUARY 2025
763
Breach
22 Jan 2025 • Cerner Corporation
Cerner Corporation and Aultman Health System: Aultman Health System notifies patients of medical data breach
Aultman Health System Medical Data Breach
708
CRITICAL-55
CERAUL1766771763
Aultman Health System Reports Third-Party Data Breach Impacting Patient Records
Aultman Health System, based in Canton, Ohio, has begun notifying patients of a data breach involving a third-party IT provider, Cerner Corporation, which may have exposed sensitive personal and medical information. The incident, detected in late February, stemmed from unauthorized access to a Cerner system used for electronic medical records, though Aultman confirmed its own systems remained unaffected.
According to a patient notification letter, Cerner’s investigation—conducted with external cybersecurity experts and law enforcement—revealed that the breach occurred as early as January 22. The unauthorized party accessed and copied data, which may have included names, Social Security numbers, medical record details, diagnoses, treatment histories, test results, and physician information.
At law enforcement’s request, Cerner and Aultman delayed public notification to avoid interfering with the investigation. As a remedial measure, Cerner is offering affected individuals two years of free credit monitoring and identity protection services through Experian, along with internet surveillance monitoring. Patients seeking further details can contact a dedicated hotline at 833-918-1127, using engagement number B156918.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
JANUARY 2025
777
Cyber Attack
01 Jan 2025 • Cerner Corporation
Cerner, OSF Healthcare and OSF Saint Clare Medical Center: Hospital cyberattacks grow more sophisticated as AI lowers barriers, putting patient data at risk
Cyberattack on OSF Healthcare Exposes Patient Data Across Northern Illinois
763
CRITICAL-14
CEROSF1771973986
Cyberattack on OSF Healthcare Exposes Patient Data Across Northern Illinois
In late December 2025, OSF Saint Clare Medical Center in Princeton disclosed a data breach affecting its medical records system provider, Cerner. The incident, first detected in January 2025, involved unauthorized access to sensitive patient information, including names, Social Security numbers, medical records, diagnoses, medications, and test results. Law enforcement requested a delay in notifying patients until September to avoid interfering with the investigation.
OSF later confirmed that multiple facilities were impacted, though further details remain undisclosed. The breach highlights a growing trend of cyberattacks targeting healthcare systems, driven by their complex IT infrastructure, 24/7 operational demands, and the high stakes of downtime where even an hour offline can disrupt surgeries, patient portals, and critical test results.
Cybersecurity experts, including Jon Pisani of PSM Partners, note that hospitals’ interconnected systems and urgency to restore services make them prime targets for ransomware and data theft. The rise of AI has further lowered the barrier for attackers, enabling faster data parsing and more efficient exploitation of vulnerabilities. However, AI tools used by employees can also introduce risks if sensitive information is inadvertently exposed on public platforms.
Human error remains a key entry point for cybercriminals, with phishing emails often serving as the initial attack vector. Once inside, hackers may monitor communications, alter emails, or exfiltrate data before demanding ransom. Unlike ransomware, which can be mitigated with backups, data leaks pose long-term risks, as stolen information may be publicly disseminated even after systems are restored.
In response, hospitals are adopting layered security measures, such as zero-trust models, restricted access, and continuous monitoring. Morris Hospital, which experienced a similar breach in 2023, implemented additional safeguards and offered free identity monitoring to affected individuals. Both OSF and Morris provided credit monitoring services and advised patients to monitor financial and medical records for suspicious activity.
While healthcare systems continue to bolster defenses, experts caution that cybersecurity is an evolving challenge. As Pisani noted, new threats emerge as old vulnerabilities are addressed, ensuring that hospitals with their vast stores of valuable data will remain persistent targets.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JANUARY 2014
782
Breach
01 Jan 2014 • Cerner Corporation
Cerner Health and Atrium Health: Charlotte business week: Hospital data breach, layoffs, an airline returns to CLT
Atrium Health Data Breach via Third-Party Vendor
721
CRITICAL-61
CERATR1778495552
Charlotte Business Landscape Hit by Data Breach, Layoffs, and Industry Shifts
Charlotte’s business sector experienced significant developments this week, marked by a healthcare data breach, workforce reductions, and major corporate settlements.
Healthcare Data Breach at Atrium Health
Atrium Health disclosed a data breach affecting approximately 4,035 North Carolina patients after a third-party vendor, Cerner Health, exposed sensitive information. The compromised data may include names, medical records, and Social Security numbers.
Corporate Settlements and Environmental Violations
Kroger, parent company of Harris Teeter, reached a $102.5 million settlement with regulators over Clean Air Act violations. The agreement includes a $2.5 million civil penalty and a $100 million investment to address refrigerant leaks across over 2,700 stores between 2014 and 2023.
Workforce Reductions and Industry Shifts
Lions Services Inc., a Charlotte nonprofit employing visually impaired workers, announced the layoff of 107 employees by July 1 after losing a key contract. Meanwhile, JetBlue will resume service at Charlotte Douglas International Airport on July 9 with three daily flights to Fort Lauderdale, following Spirit Airlines’ shutdown after a failed $500 million bailout attempt. Competing carriers, including American and Frontier, have introduced rescue fares for stranded travelers.
Development and Legal Disputes
PulteGroup broke ground on Carolina Ridge, a 670-acre community in Midland featuring 1,110 homes, including family and active-adult housing. In legal news, NASCAR’s Joe Gibbs Racing filed a lawsuit against former competition director Christopher Gabehart and Spire Motorsports, alleging trade secret theft and seeking over $8 million in damages. A judge denied an injunction against Spire, citing insufficient evidence.
The week also saw Foundry Commercial list a historic 90-year-old YMCA building in Charlotte’s Brooklyn neighborhood for sale, with plans for mixed-use redevelopment.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Cerner Corporation ??
What was Cerner Corporation's A.I Rankiteo Cyber Score in June 2026 ??
What was Cerner Corporation's A.I Rankiteo Cyber Score in May 2026 ??
What was Cerner Corporation's A.I Rankiteo Cyber Score in April 2026 ??
What was Cerner Corporation's A.I Rankiteo Cyber Score in March 2026 ??
What was Cerner Corporation's A.I Rankiteo Cyber Score in February 2026 ??
What was Cerner Corporation's A.I Rankiteo Cyber Score in January 2026 ??
What was Cerner Corporation's A.I Rankiteo Cyber Score in December 2025 ??
What was Cerner Corporation's A.I Rankiteo Cyber Score in November 2025 ??
What was Cerner Corporation's A.I Rankiteo Cyber Score in October 2025 ??
What was Cerner Corporation's A.I Rankiteo Cyber Score in September 2025 ??
What was Cerner Corporation's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Cerner Corporation's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Cerner Corporation ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Cerner Corporation's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?