Healthcare giant DaVita reveals that thousands were impacted by a cyberattack

Published: 5 August 2025
ecaresoft
Image by Cybernews

Kidney dialysis behemoth DaVita suffered a ransomware attack earlier this year, affecting over 13,000 people in a single state.

The company sent out breach notifications to thousands of Americans, informing them that they have become a likely victim of a cyberattack. In April 2025, DaVita was targeted by a ransomware gang that infiltrated the company’s laboratory servers.

“On April 12th, 2025, we discovered that we experienced a security incident resulting in unauthorized access to certain DaVita network servers, primarily at its laboratories. Upon discovery, we initiated our incident response protocols and were able to eradicate the unauthorized party from our systems on that day,” reads the data breach notice.

ADVERTISEMENT

Information that DaVita submitted to Washington State’s Office of the Attorney General revealed that over 13,000 people were impacted in Washington State alone. We have contacted the company to confirm the total number of impacted individuals.

Ernestas Naprys jurgita Konstancija Gasaityte profile Izabelė Pukėnaitė
Stay informed and get our latest stories on Google News
Google News Follow us

Meanwhile, DaVita’s breach notice claims that attackers accessed laboratory servers and may have gotten their hands on:

  • Names
  • Addresses
  • Dates of birth
  • Social Security numbers
  • Health insurance-related information
  • Certain clinical information, such as health condition, other treatment information,
  • Certain dialysis lab test results

DaVita also added that “for some individuals, the information included tax identification numbers, and in limited cases images of checks written to DaVita.” The company noted that not all data points were revealed for all individuals, with some having more details exposed than others.

However, attackers could exploit details stolen in the April attack for nefarious purposes. For example, they could use the details for identity theft, impersonating victims for financial gain by setting up fraudulent accounts.

Meanwhile, medical data is often a treasured possession among cybercriminals as it allows them to obtain regulated goods. Threat actors can use this information to commit insurance fraud or medical identity theft, aiming for fraudulent prescriptions for various drugs.

The Interlock ransomware gang has taken responsibility for the attack. Discovered in late 2024, the gang quickly rose through cyber underworld ranks, gaining notoriety for attacks on DaVita and Midwest healthcare conglomerate Kettering Health.

ADVERTISEMENT

According to the Cybernews darkweb monitoring tool, Ransomlooker, the gang has victimized at least 51 organizations over the past 12 months.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked