Update: DaVita has disclosed that the Interlock ransomware gang successfully infiltrated its systems between March 24 and April 12, 2025, compromising the personal and medical information of nearly 2.7 million patients in what represents the second-largest healthcare cyberattack in the United States this year.
The breach primarily affected the company's laboratory operations and disrupted internal systems, forcing DaVita to implement immediate containment measures. The stolen data includes highly sensitive information such as patients' full names, Social Security numbers, dates of birth, health insurance details, comprehensive medical records, tax identification numbers, home addresses, and even images of checks made payable to the company. The Interlock ransomware group, which first emerged in September 2024, claimed responsibility for the attack on April 25, 2025, boasting that they had extracted approximately 1.5 terabytes of confidential data from DaVita's network infrastructure.
The cybercriminals have listed DaVita on their public leak site, where they typically pressure victims by threatening to sell or publicly release stolen files if ransom demands are not met. DaVita has not confirmed whether any ransom payment was made to the attackers, and the company has not disclosed the specific entry point used by the hackers or the size of any ransom demand. The healthcare giant is now offering affected patients free identity restoration services through Experian, with enrollment available until November 28, 2025.
Why it Matters: This massive healthcare breach demonstrates the escalating threat that ransomware groups pose to critical medical infrastructure worldwide, with implications extending far beyond US borders to countries like Australia, where similar healthcare systems face identical vulnerabilities. The Interlock gang's sophisticated attack on DaVita reveals how cybercriminals are increasingly targeting healthcare providers, which hold vast repositories of valuable personal and medical data and whose critical operational nature makes them more likely to pay ransoms quickly.
This incident serves as a stark warning about the global nature of ransomware threats and the urgent need for enhanced cybersecurity measures in medical facilities. The breach not only affects direct patient care but also highlights the interconnected nature of modern healthcare systems, where data breaches can impact veteran care programs and international medical partnerships, potentially affecting Australian patients receiving treatment abroad or through international healthcare networks.