DaVita Cyberattack Exposes 2.7 Million Dialysis Patient Records
Published
- Healthcare cyberattack: Hackers accessed the lab database of U.S. dialysis services provider DaVita and 2.7 million records.
- What was impacted: The compromised database contained patients’ names, addresses, Social Security numbers, and health details.
- Ransomware claim: While the firm did not disclose other details, Interlock Ransomware claimed the attack.
The significant DaVita cyberattack discovered in April has compromised sensitive healthcare information belonging to 2.7 million individuals, according to official disclosures published on the U.S. Department of Health and Human Services website.
DaVita's network provides essential dialysis treatments that mechanically filter blood for patients with compromised kidney function. The healthcare data breach represents one of the most substantial cybersecurity incidents to impact the dialysis treatment sector in recent years.
Comprehensive Cybersecurity Incident Details
The firm, which operates approximately 3,000 outpatient clinics nationwide, confirmed that the April 2025 cybersecurity incident involved threat actors accessing its laboratory database and encrypting critical elements of the dialysis services provider's network infrastructure.
"We're notifying current and former patients and providing them with resources, including complimentary credit monitoring, to help safeguard their data," DaVita said on Thursday, cited by Reuters.
Regulators in Oregon, Texas, South Carolina, Washington, and Massachusetts were informed in April that 915,952 U.S. residents were affected. Stolen information includes names, addresses, dates of birth, Social Security numbers, demographic data, health insurance information, health conditions, dialysis lab test results, and treatment details.
These breach notification letters claimed there was no evidence of misuse, but shortly after the attack, the Interlock ransomware claimed to have stolen 1.51 TB of DaVita Kidney Care data, complete with samples.
The company maintained continuous patient data security protocols throughout the incident, ensuring uninterrupted delivery of life-critical medical services despite significant operational disruptions.
Financial Impact and Recovery Operations
The DaVita ransomware attack generated substantial remediation costs during the second quarter of 2025, according to Reuters. The company reported approximately $13.5 million in incident-related expenses, including $1 million in increased patient care costs and $12.5 million in administrative expenditures for system restoration and professional cybersecurity services.
This healthcare sector incident underscores critical vulnerabilities within medical infrastructure networks that manage extensive patient databases.
Healthcare organizations continue facing sophisticated ransomware campaigns targeting electronic health records and operational systems essential for patient care delivery. Last month, a North Country HealthCare breach was allegedly caused by Stormous Ransomware, reportedly impacting 600,000 patients.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular