Davita: 2.7 million people personal and health data were stolen in the ransom software attack

Davita, a US -based kidney dialysis company, confirmed that the sensitive data of approximately 2.7 million people were stolen with the ransom software attack.

Details of the attack

• The attackers infiltrated Davita's network on 24 March 2025.
• The company noticed the incident on 12 April and removed the attackers from their systems.
• During this time, the attackers reached the dialysis laboratory database.

Among the stolen data:

• Name, address, date of birth, social security number
• Health Insurance Data
• Disease, treatment information, laboratory test results
• Tax ID numbers and personal check images for some people

The US Department of Health's Civil Rights Office (OCR) announced that 2,689,826 people were affected by the incident.

The claim of the Interlock group

Davita does not explain the responsible of the attack, but the Interlock ransom software group undertook the attack at the end of April.

In June, Davita confirmed that some of the leaked files belonged to them.

Davita spokesman, "Unfortunately, we have found that the attacker provides unauthorized access to some patients' personal data. Therefore, we inform existing and old patients and offer free credit monitoring services against identity theft."

About Interlock

The interlocking ransom software group, which emerged in 2024, is especially targeting health institutions.

Kaynak: Beykozun Sesi