Overview

• DaVita says attackers accessed its network from March 24 until detection and removal on April 12, when the company also filed an SEC Form 8-K.
• Stolen information includes names, addresses, dates of birth, Social Security numbers, insurance details, and clinical data such as treatment information and dialysis lab test results.
• For some individuals, exposed data also includes tax identification numbers and, in limited cases, images of personal checks.
• Interlock claimed responsibility and posted leaked data it said totaled about 1.5 terabytes; DaVita later obtained some leaked files and confirmed they came from its dialysis labs database.
• DaVita reports systems have been restored and about $13.5 million in second-quarter expenses tied to the incident, as federal agencies investigate and The Register reports the company has finalized an internal total of roughly 2.4 million people pending an HHS update.