DaVita Hit by Ransomware: 2.7M Patient Records Exposed
Leading US kidney dialysis marketplace provider DaVita has fallen victim to a ransomware attack. The Interlock gang claimed responsibility, leaking stolen files, and affecting nearly 2.7 million individuals in the United States. DaVita discovered the incident on April 12, 2025, and is working to restore systems and patient care.
The attack, which occurred between March 24 and April 12, targeted on-premises systems, encrypting data and stealing sensitive information from dialysis labs. Exposed data may include demographic details, health insurance information, clinical records, and even images of checks written to DaVita. DaVita, which serves over 200,000 patients in the US and 49,000 globally, holds a significant 37% share of the US dialysis market. The company is headquartered in Denver and incorporated in Delaware. While the identity of the cybersecurity experts assisting DaVita remains undisclosed, the company is actively working on defense, repair, and restoration of the affected systems to ensure continuity of patient care.
DaVita, a major player in the kidney dialysis sector, is dealing with the aftermath of a significant ransomware incident. With nearly 2.7 million individuals impacted, the company is prioritizing system restoration and patient care. The incident serves as a stark reminder of the increasing threat of cyberattacks on healthcare providers and the importance of robust cybersecurity measures in the US.
