Huge healthcare breach sees nearly a million patients hit following DaVita ransomware attack – make sure you’re safe
- DaVita reveals more on effects of April 2025 ransomware attack
- The Interlock group stole sensitive files on thousands of people
- Affected patients offered free identity theft monitoring
US healthcare company DaVit has revealed it suffered a ransomware attack and a data breach earlier this year which saw patient data stolen.
The company, which specializes in providing kidney care services, filed a new form with the Office of the Washington State Attorney General, in which it confirmed the attack took place between March 24 and April 12, 2025, and saw the criminals take people’s names, Social Security numbers (SSN), driver’s license numbers, Washington ID card numbers, financial and banking information, full dates of birth, health insurance policy or ID numbers, and other medical information.
In Washington state alone, more than 13,000 people were affected, with the full number of victims unknown at this time.
Interlock takes credit
DaVita also shared the data breach notification letter it’s been sending out to the victims, which stated it spotted the attack on April 12, and ousted the infiltrators on the same day. Third-party forensics experts were brought in, and law enforcement was notified.
The data grabbed came from its dialysis labs database and, varying from person to person, could include certain clinical information such as health condition, other treatment information, and certain dialysis lab test results.
“For some individuals, the information included tax identification numbers, and in limited cases images of checks written to DaVita.”
According to Cybernews, the attack was the work of the Interlock ransomware group, which emerged in late 2024, and has since then successfully broken into at least 51 organizations.
While the company says there is no evidence that the data is being misused in the wild, it urged its patients to be wary of incoming emails, especially unsolicited messages claiming to come from DaVita itself. Patients should also review their account statements and monitor their free annual credit reports for suspicious activity and potential errors.
DaVita has offered free identity theft protection, and credit monitoring, through Experian IdentityWorks.
You might also like
DaVita reveals more on effects of April 2025 ransomware attack The Interlock group stole sensitive files on thousands of people Affected patients offered free identity theft monitoring US healthcare company DaVit has revealed it suffered a ransomware attack and a data breach earlier this year which saw patient data stolen.…
