308/68 Tuesday, August 26, 2025
DaVita Inc., a U.S.-based dialysis service provider, has confirmed that a ransomware attack led to the leak of personal and health information affecting nearly 2.7 million individuals. The breach was publicly disclosed on April 18, 2025, after DaVita detected encryption activity on its network systems on April 12. To maintain continuity of dialysis services, the company resorted to backup systems and manual procedures.
An investigation revealed that attackers had infiltrated DaVita’s systems between March 24 and April 12, 2025, before access was cut off. The Interlock Ransomware group claimed responsibility, stating they had stolen over 1,510 GB of data, including patient medical records, health insurance details, financial information, and internal company documents, which were later leaked on a data leak site. The Office for Civil Rights (OCR) under the U.S. Department of Health and Human Services has since confirmed that 2,689,826 individuals were affected.
The exposed data varies by individual and may include names, addresses, dates of birth, Social Security numbers, taxpayer identification numbers, health insurance information, and dialysis lab test results. DaVita stated that it is actively working with cybersecurity experts and government agencies to restore its systems, assess the impact, and protect patient data as a top priority.
