Kidney dialysis provider DaVita has confirmed that cybercriminals stole personal and health information belonging to nearly 2.7 million individuals during a ransomware attack.

The healthcare giant operates over 3,100 outpatient dialysis centers worldwide and reported revenues exceeding $12 billion in 2024.

The attack timeline reveals a concerning duration of unauthorized access. Hackers first infiltrated DaVita’s network on March 24, 2025, and maintained access until April 12 when the company detected and removed them from their systems.

What Information Was Stolen

The breach affected DaVita’s dialysis labs database, exposing a wide range of sensitive data. Stolen information includes:

• Names, addresses, and birth dates
• Social Security numbers
• Health insurance details
• Medical conditions and treatment records
• Dialysis lab test results
• Tax identification numbers for some patients
• Images of personal checks in limited cases

DaVita reported 2,689,826 affected individuals to the Department of Health’s Office for Civil Rights, though internal investigations suggest the actual number may be closer to 2.4 million people.

Interlock Ransomware Gang Claims Responsibility

While DaVita hasn’t officially named the attackers, the Interlock ransomware gang claimed responsibility for the breach in late April. After failed negotiations with the company, the cybercriminals leaked allegedly stolen data on their dark web portal.

Interlock claims to have stolen approximately 1.5 terabytes of data, including nearly 700,000 files containing patient records, insurance information, user accounts, and financial data. DaVita confirmed the legitimacy of some leaked files on June 18 after obtaining them for analysis.

The Interlock operation emerged in September 2024, focusing attacks on healthcare organizations worldwide. Security researchers have linked the group to malware campaigns and attacks on multiple UK universities.

Company Response and Patient Protection

DaVita has implemented several protective measures following the incident. The company engaged third-party forensic experts and reported the breach to law enforcement.

Patient care continued throughout the response period, and all affected network systems have been restored securely.

Affected patients will receive notification letters by mail, with living patients offered complimentary credit monitoring and identity theft protection services.

Final Thoughts

This massive breach highlights the ongoing cybersecurity challenges facing healthcare providers.

With 2.7 million patients affected, this ranks among the largest healthcare data breaches in recent years.

Patients should monitor their financial accounts closely and report any suspicious activity immediately to their banks and law enforcement.

For more details on this story, refer to the official statement from DaVita and the report from Bleeping Computer.

We want to know your thoughts. What do you think about this story? Let us know in the comment section below!

Be sure to stay up-to-date with the latest streaming news, reviews, tips, and more by following the iptv subscrib with updates weekly.