Nearly a million patients hit by DaVita dialysis ransomware attack

Healthcare institutions have become a favorite target for bad actors, largely because of how easy they make it for attackers. Back in June, researchers discovered a healthcare data breach that exposed the personal information of around 8 million patients. All of this information was publicly accessible online without any passwords or authentication protocols.

The latest healthcare organization to suffer a breach is DaVita, which has put nearly a million people at risk. Headquartered in Denver, Colorado, DaVita provides dialysis treatment to about 200,000 patients across the US and 13 other countries.

What you need to know DaVita ransomware attack

Kidney dialysis giant DaVita says nearly 916,000 people had personal and medical information exposed in an April ransomware attack (via Comparitech). The breach, which the company disclosed in state filings, compromised names, Social Security numbers, dates of birth, health insurance details, medical records, tax ID numbers, addresses, and even images of checks made out to the company.

DaVita says the incident disrupted internal operations and primarily affected its laboratories. In its latest notice to victims, the company says the cyberattack began on March 24th, 2025, and continued until April 12th. It has not confirmed whether a ransom was paid.

Ransomware gang Interlock claimed responsibility on April 25th, posting screenshots of alleged stolen documents and saying it took 1.5TB of DaVita’s data. The group lists the company on its public leak site, where it pressures victims by threatening to sell or release stolen files.

DaVita is offering eligible breach victims free identity restoration services through Experian, with a November 28th enrollment deadline. The company has not confirmed how attackers gained access to its network or the size of the ransom demand.

CyberGuy reached out to DaVita for comment but did not receive a response before publication.

Who’s behind the DaVita breach

Interlock, which first appeared in October 2024, has claimed responsibility for the DaVita attack and at least 23 other ransomware attacks, plus dozens more that remain unverified. Healthcare targets have included Texas Digestive Specialists, Kettering Health, and Naper Grove Vision Care, all of which reported data breaches in 2025.

The DaVita incident is the second-largest US healthcare ransomware attack by number of records this year, behind Frederick Health’s January breach. According to Comparitech, there have been 53 confirmed ransomware attacks on American healthcare providers in 2025 alone, compromising more than 3.2 million patient records.

6 ways to protect yourself from DaVita ransomware attack

The DaVita data breach exposed sensitive patient information. If you are affected or just want to stay one step ahead, these actions can help minimize your risk.

1) Don’t click on suspicious links or attachments and use strong antivirus software

The DaVita data breach likely gives attackers access to your contact details, which they can misuse. Avoid clicking on unexpected emails or messages, even if they look legitimate.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

2) Use a personal data removal service

Since your personal details were exposed in the DaVita breach, you’re more vulnerable to targeted fraud. Consider using a personal data removal service to scrub your personal details from data broker websites that sell your information.

While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time.

Is your personal information exposed online?

Run a free scan to see if your personal info is compromised. Results arrive by email in about an hour.

3) Use strong, unique passwords for every account

Reusing passwords increases your risk. A single leaked password can unlock multiple accounts. Use a password manager to generate and store secure passwords.

4) Sign up for an identity theft protection service

DaVita is offering free identity theft and credit monitoring services to those affected by the breach. But even if you weren’t impacted by this specific breach, it’s still smart to protect yourself.

Identity theft protection services can alert you to suspicious activity, help you recover if your identity is stolen, and often provide tools to freeze or lock your credit. That prevents fraudsters from opening new accounts in your name, and you can lift the freeze temporarily when needed.

5) Enable two-factor authentication (2FA)

Adding a second layer of login protection like a text message or app-based code via 2FA, can make it much harder for DaVita attackers to access your accounts, even if your password is exposed.

6) Monitor your credit and financial accounts

Keep an eye out for strange charges or unfamiliar accounts. Set up alerts through your bank and review your credit report regularly to catch fraud early.

Related Links:

• Browser extensions put millions of Google Chrome users at risk
• Medicare data breach exposes 100,000 Americans’ info
• Malware exposes 3.9 billion passwords in huge cybersecurity threat

Kurt’s key takeaway

The investigation into the DaVita breach is ongoing, and the company has not disclosed how the hackers got in. Nearly a million people now face the possibility of their personal information being used for malicious purposes. Ransomware attacks on hospitals and clinics can lock critical systems, delay care, and push providers back to paper records. In severe cases, they can force appointment cancellations, patient diversions, and potentially endanger lives.

Should US law require healthcare organizations to meet stricter cybersecurity standards? Let us know in the comments below.

FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

Copyright 2025 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.