DaVita Data Breach Exposes Over One Million Individuals’ Personal and Medical Information

The DaVita data breach has exposed the personal and medical details of more than one million individuals, according to an August 2025 disclosure by the kidney care provider. The incident impacted current and former patients, as well as individuals whose data was processed through DaVita’s dialysis labs without receiving direct treatment. Compromised information includes names, dates of birth, addresses, Social Security numbers, government-issued ID details, banking records, health insurance data, medical records, and laboratory results.

DaVita confirmed that the cyberattack was carried out by the Interlock ransomware group, which stole approximately 1.5 terabytes of data containing about 683,000 files and 75,000 folders. After failed ransom negotiations, the attackers began leaking portions of the stolen data on the dark web, raising concerns about potential identity theft, fraud, and phishing scams. In response to the DaVita data breach, the company implemented containment measures, engaged cybersecurity experts, disconnected affected systems, and notified law enforcement.

The company’s U.S. Securities and Exchange Commission filing revealed that the DaVita data breach has already cost an estimated $13.5 million. This includes $1 million in increased patient care costs and $12.5 million allocated for remediation efforts and enhanced security infrastructure. The incident also disrupted certain dialysis lab services, and at least two class-action lawsuits have been filed in Colorado federal court, alleging negligence and inadequate cybersecurity measures.

To support those affected by the DaVita data breach, the company is offering one year of free Experian Identity Works protection, which includes credit monitoring and up to $1 million in identity theft insurance. Cybersecurity experts advise impacted individuals to enroll in the program, monitor financial and insurance accounts closely, and remain alert for phishing attempts. The incident highlights the increasing frequency of ransomware attacks on healthcare organizations and the urgent need for stronger safeguards to protect sensitive medical data.