DaVita, a leading kidney dialysis provider, suffered a cyber-attack resulting in the theft of confidential patient data.

In a shocking turn of events, DaVita, a leading US-based kidney dialysis provider, has confirmed a data breach affecting over 900,000 of its customers. The breach, which occurred between March 24 and April 12, 2025, compromised sensitive data of approximately 2.7 million patients.

According to reports by Comparitech, a surge in ransomware attacks on the healthcare industry was observed in 2024. However, the growth rate of such attacks has slowed down in the first half of 2025, as per Comparitech's July report.

The Interlock ransomware group, while not explicitly named in the search results, is believed to be responsible for the attack on DaVita. The group claimed responsibility for the breach and alleged to have stolen 1.5 TB of data from DaVita's dialysis labs database.

Images of part of the stolen data were posted by the Interlock ransomware group to prove their claim, according to Comparitech. The stolen data included personally identifiable information, clinical information, and in some cases, tax identification numbers and images of checks.

In a notification letter sent to impacted customers on August 5, DaVita revealed the nature of the stolen data. The company has offered free credit monitoring services to affected customers to help protect them against potential identity theft and fraud.

In its second quarter 2025 financial results, published on August 5, DaVita revealed that the April cyber-attack cost approximately $13.5 million to remediate and restore systems with the assistance of third-party cybersecurity professionals.

The attack on DaVita is just one of numerous high-profile incidents affecting healthcare firms that have taken place in 2025. For instance, Ohio-based Kettering Health was affected by a ransomware attack, resulting in the cancellation of elective inpatient and outpatient procedures across its 14 hospitals and over 120 facilities.

Despite the slowdown in ransomware attacks on the healthcare industry in the first half of 2025, it is crucial for healthcare providers to remain vigilant against such threats. Impacted customers have been urged to be vigilant against identity theft and fraud in the wake of the DaVita data breach.

Comparitech analysed the incident and reported on the growth of ransomware attacks in the healthcare industry in July 2025. As the digital landscape continues to evolve, it is essential for businesses and individuals alike to prioritise cybersecurity measures to protect sensitive data.

DaVita, a leading kidney dialysis provider, suffered a cyber-attack resulting in the theft of confidential patient data.