HQ/EMEAFind out how we can help your business
The Interlock ransomware group claimed the cyberattack on the kidney dialysis provider DaVita. Based on reports, it has leaked what it claims are stolen files from the organisation.
DaVita, a Fortune 500 company, operates over 2,600 dialysis centres in the U.S., employs 76,000 individuals across 12 countries, and generates more than $12.8 billion annually.
On April 12, the healthcare provider informed the U.S. SEC about a ransomware attack that impacted some of its operations, noting it was investigating the incident’s effects.
The Interlock ransomware added DaVita to its victim list on its dark web data leak site.
Last week, the Interlock ransomware group added DaVita to the list of victims on its dark web data leak site.
The group claimed to possess at least 1.5 terabytes of information stored by the company, including nearly 700,000 files containing sensitive patient data, user account information, insurance details, and financial records.
The group made these files available on their site, suggesting that negotiations for payment with DaVita did not succeed.
Researchers reached out to DaVita for a statement on Interlock’s claims, and a spokesperson stated that the company is aware of the dark web post and is currently conducting a comprehensive review of the involved data.
On the other hand, an extensive investigation into this incident is still ongoing. Moreover, the company revealed they are acting swiftly and will inform any affected parties and individuals accordingly.
Furthermore, the company expressed disappointment as these actions are directed towards the healthcare field. It remains committed to sharing important information with our vendors and partners to enhance their understanding of how to prevent similar attacks in the future.
The institution also advised the public that if they have received care at a DaVita centre and provided sensitive information to the company, they should be wary of potential phishing attempts and report any suspicious messages or communications to the appropriate authorities.
Interlock is a relatively new player in the ransomware landscape. It launched last September and focuses on Windows and FreeBSD systems. While it does not collaborate with external affiliates, it remains a dynamic and emerging threat, having claimed responsibility for about a dozen attacks.
