DaVita Ransomware Attack: 2.7 Million Individuals Impacted
- Katarzyna Celińska
- Oct 15
- 2 min read
Kidney dialysis giant DaVita has confirmed that a ransomware attack in April 2025 compromised the personal and health data of nearly 2.7 million people.
The attackers — identified as the Interlock ransomware group — infiltrated DaVita’s lab servers, exfiltrated sensitive data, and encrypted parts of the network. While patient care at its 3,100+ dialysis centers continued, the attack caused operational disruption and has already cost DaVita over $13.5 million in response and remediation.
Photo: https://pl.freepik.com/
Data compromised included:
✅ Personal identifiers → names, addresses, dates of birth, Social Security numbers.
✅ Health data → insurance details, dialysis test results, treatment info.
✅ Financial data → tax IDs, and in some cases, images of checks written to DaVita.
Hackers claimed to have stolen 20+ terabytes of databases containing over 200 million rows of patient data, later leaking parts of it when ransom negotiations failed.
This incident is not an isolated case — healthcare continues to be:
✅ One of the most targeted sectors due to sensitive, high-value patient data.
✅ One of the least mature in cybersecurity, often lacking resources or resilience.
The impact spans three critical dimensions:
1️⃣ Patients’ DataPrivacy → Exposure of sensitive medical and financial data.
2️⃣ Service Availability → Operational disruption, even if patient care continued.
3️⃣ SupplyChain Risks → Partner institutions and service providers may also be affected downstream.
This is reminiscent of breaches like ALAB in Poland and Synnovis in the UK, proving the issue is truly global.
This is not the first, and it won’t be the last attack on healthcare. DaVita’s case is a reminder that healthcare is both one of the most targeted and least mature sectors in terms of cybersecurity. Breaches affect not just the direct victim, but also patients, clients, and the wider healthcare supply chain. We must always analyze such incidents across three dimensions: data breach, service unavailability, and supply chain disruption.
Healthcare providers and their partners must prioritize:
✅ Risk analysis and cybersecurity and privacy compliance.
✅ Resilience planning for ransomware and service continuity.
✅ Supply chain security, as breaches ripple across the ecosystem.
Author: Sebastian Burgemejster
Comments