DaVita ransomware attack exposes 916,000 patient records and data

Posted by Kurt Knutsson, CyberGuy Report | 3 hours ago | Fox News | Views: 6


NEWYou can now listen to Fox News articles!

Healthcare institutions have become a favorite target for bad actors, largely because of how easy they make it for attackers. In June, researchers discovered a healthcare data breach that exposed the personal information of around 8 million patients. All of this information was publicly accessible online without any passwords or authentication protocols.

The latest healthcare organization to fall victim to a breach is DaVita, which has put nearly a million people at risk. Headquartered in Denver, Colorado, DaVita provides dialysis treatment to about 200,000 patients across the U.S. and 13 other countries.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

DIOR DATA BREACH EXPOSES US CUSTOMERS’ PERSONAL INFORMATION

A healthcare professional working on her laptop  (Kurt “CyberGuy” Knutsson)

What you need to know DaVita ransomware attack

Kidney dialysis giant DaVita says nearly 916,000 people had personal and medical information exposed in an April ransomware attack (via Comparitech). The breach, which the company disclosed in state filings, compromised names, Social Security numbers, dates of birth, health insurance details, medical records, tax ID numbers, addresses and even images of checks made out to the company.

DaVita says the incident disrupted internal operations and primarily affected its laboratories. In its latest notice to victims, the company says the cyberattack began March 24, 2025, and continued until April 12. It has not confirmed whether a ransom was paid.

Ransomware gang Interlock claimed responsibility on April 25, posting screenshots of alleged stolen documents and saying it took 1.5TB of DaVita’s data. The group lists the company on its public leak site, where it pressures victims by threatening to sell or release stolen files.

DaVita is offering eligible breach victims free identity restoration services through Experian, with a Nov. 28 enrollment deadline. The company has not confirmed how attackers gained access to its network or the size of the ransom demand.

CyberGuy reached out to DaVita for comment but did not receive a response before publication.

person typing on tablet

A healthcare professional working on a tablet   (Kurt “CyberGuy” Knutsson)

Who’s behind the DaVita breach

Interlock, which first appeared in October 2024, has claimed responsibility for the DaVita attack and at least 23 other ransomware attacks, plus dozens more that remain unverified. Healthcare targets have included Texas Digestive Specialists, Kettering Health and Naper Grove Vision Care, all of which reported data breaches in 2025.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

The DaVita incident is the second-largest U.S. healthcare ransomware attack by number of records this year, behind Frederick Health’s January breach. According to Comparitech, there have been 53 confirmed ransomware attacks on American healthcare providers in 2025 alone, compromising more than 3.2 million patient records.

patient vitals

A screen showing a patient’s vitals  (Kurt “CyberGuy” Knutsson)

6 ways to protect yourself from DaVita ransomware attack

The DaVita data breach exposed sensitive patient information. If you are affected or just want to stay one step ahead, these actions can help minimize your risk.

1. Don’t click on suspicious links or attachments and use strong antivirus software

The DaVita data breach likely gives attackers access to your contact details, which they can misuse. Avoid clicking on unexpected emails or messages, even if they look legitimate.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com/LockUpYourTech

2. Use a personal data removal service

Since your personal details were exposed in the DaVita breach, you’re more vulnerable to targeted fraud. Consider using a personal data removal service to scrub your personal details from data broker websites that sell your information.

While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com/Delete

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com/FreeScan 

GET FOX BUSINESS ON THE GO BY CLICKING HERE

3. Use strong, unique passwords for every account

Reusing passwords increases your risk. A single leaked password can unlock multiple accounts. Use a password manager to generate and store secure passwords.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/Passwords

4. Sign up for an identity theft protection service

DaVita is offering free identity theft and credit monitoring services to those affected by the breach. But even if you weren’t a victim of this specific breach, it’s still smart to protect yourself.

Identity theft protection services can alert you to suspicious activity, help you recover if your identity is stolen and often provide tools to freeze or lock your credit. That prevents fraudsters from opening new accounts in your name, and you can lift the freeze temporarily when needed.

See my tips and best picks on how to protect yourself from identity theft at  Cyberguy.com/IdentityTheft

5. Enable two-factor authentication (2FA)

Adding a second layer of login protection, like a text message or app-based code via 2FA, can make it much harder for DaVita attackers to access your accounts, even if your password is exposed.

6. Monitor your credit and financial accounts

Keep an eye out for strange charges or unfamiliar accounts. Set up alerts through your bank and review your credit report regularly to catch fraud early.

CLICK HERE TO GET THE FOX NEWS APP

Kurt’s key takeaway

The investigation into the DaVita breach is ongoing, and the company has not disclosed how the hackers got in. Nearly a million people now face the possibility of their personal information being used for malicious purposes. Ransomware attacks on hospitals and clinics can lock critical systems, delay care and push providers back to paper records. In severe cases, they can force appointment cancellations and patient diversions and potentially endanger lives.

Should U.S. law require healthcare organizations to meet stricter cybersecurity standards? Let us know by writing to us at Cyberguy.com/Contact

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM/NEWSLETTER

Copyright 2025 CyberGuy.com.  All rights reserved.  

Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.



Fox News

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *