DaVita Data Breach Exposes 2.7 Million Patients in Ransomware Attack
▼ Summary
– DaVita suffered a ransomware attack that stole personal and health information of nearly 2.7 million individuals.
– The attackers accessed DaVita’s network on March 24 and were removed after detection on April 12, partially encrypting systems.
– Stolen data includes names, addresses, social security numbers, health insurance details, treatment information, and lab results.
– The Interlock ransomware gang claimed responsibility and leaked stolen data after failed negotiations with DaVita.
– DaVita confirmed the data breach’s legitimacy and is offering credit monitoring to affected individuals.
DaVita, a major kidney dialysis provider, has confirmed a significant data breach impacting approximately 2.7 million patients following a ransomware attack. The incident exposed a wide range of sensitive personal, health, and financial information, raising serious concerns about patient privacy and data security within the healthcare sector.
The company, which operates thousands of dialysis centers across the United States and internationally, first detected unauthorized network activity in late March. Attackers remained inside the system for several weeks before being discovered and removed in mid-April. During that time, they extracted data from DaVita’s dialysis labs database, which housed a mix of personal identifiers, health insurance details, and medical records.
Compromised information includes names, addresses, dates of birth, and Social Security numbers, along with specific health data such as treatment details and lab results. For some individuals, the breach also involved tax identification numbers and images of personal checks, further increasing the risk of identity theft and financial fraud.
Although DaVita has not publicly attributed the attack to a specific group, the Interlock ransomware gang claimed responsibility and later published stolen files on the dark web after failed negotiations. The group alleged it had taken nearly 1.5 terabytes of data, including sensitive patient and financial records.
In response to the incident, DaVita is notifying affected individuals and offering complimentary credit monitoring services. The company has also collaborated with federal authorities, including the Department of Health and Human Services, which officially logged the breach affecting more than 2.6 million people.
Interlock, a relatively new but aggressive ransomware operation, has been increasingly targeting healthcare organizations. The group has also been linked to recent attacks against other medical providers and educational institutions, highlighting a troubling trend in cyber threats facing critical infrastructure sectors.
DaVita continues to investigate the full scope of the incident and strengthen its cybersecurity measures to prevent future breaches.
(Source: Bleeping Computer)
