DaVita Data Breach Exposes Private Information of Nearly 916,000 Patients
DaVita, a leading provider of kidney dialysis services, has disclosed a significant data breach that compromised the sensitive information of nearly 916,000 patients.
The security incident was the result of a targeted ransomware attack on the company’s internal network.
Based in Denver, Colorado, DaVita operates facilities across the United States and in 13 other countries, making this a breach with widespread implications.
Details of the Compromised Data and Timeline
The cyberattack, which began on March 24, 2025, persisted for several weeks before being contained on April 12.
Attackers successfully exfiltrated a vast amount of patient data, which included full names, Social Security numbers, and private health insurance details.
The breach primarily impacted the company’s laboratory systems, compromising records vital to patient care and administration.
DaVita has begun notifying affected individuals, providing them with information regarding the scope of the exposure.
Ransomware Gang Claims Responsibility for Cyberattack
On April 25, a ransomware group known as Interlock publicly claimed responsibility for orchestrating the cyberattack against the healthcare provider.
The cybercriminal organization stated it stole approximately 1.5 terabytes of confidential data from DaVita’s servers.
Interlock’s apparent motive is extortion, as the group has threatened to either sell or publicly release the stolen patient information if its ransom demands are not met.
While the attack was executed using ransomware, DaVita has not yet confirmed the specific method the attackers used to gain initial access to its network systems.
