Thought Leadership
The dialysis provider DaVita has confirmed the consequences of a serious security incident: Cybercriminals gained unauthorized access to company systems in April, compromising the data of around 2.7 million people.
The security incident occurred on April 12, as DaVita explained in a data protection statement. The attack was mainly directed against network servers in the company’s laboratories. According to DaVita, the intruders were removed from the systems on the day they were discovered.
The compromised information includes a wide range of sensitive data: Full names, home addresses, dates of birth and social security numbers are included, as well as health insurance-related details and internal company identifiers. The attackers also obtained clinical data, including information on health conditions, treatment histories and laboratory values from dialysis treatments.
DaVita is an international healthcare provider that specializes in the treatment of kidney diseases and dialysis services in particular.
Financial data also affected
Some of those affected also had their tax identification numbers stolen. In some cases, the criminals gained access to digital copies of private checks that customers had issued to DaVita.
According to a report to the US Department of Health and Human Services, 2,689,826 people were initially affected by the data theft. According to media reports, this figure is likely to be reduced to around 2.4 million once the investigation has been completed.
The information involved varied by individual and may have included certain demographic information, such as name, address, date of birth, social security number, health insurance-related information, and other identifiers internal to DaVita, as well as certain clinical information, such as health condition, other treatment information, and certain dialysis lab test results. For some individuals, the information included tax identification numbers, and in limited cases images of checks written to DaVita.
Well-known ransomware group behind it
The ransomware group Interlock, which has already publicly claimed responsibility for the attack, Such health data is particularly valuable to criminals as it can be used for identity theft, insurance fraud or the unlawful procurement of prescription drugs.
In response, DaVita is providing free credit monitoring and identity theft protection to affected individuals.
