In one of the largest healthcare breaches of 2025, DaVita, a leading U.S. dialysis provider, suffered a massive ransomware attack earlier this year. Between March 24 and April 12, 2025, cybercriminals from the Interlock ransomware group infiltrated DaVita’s lab network, stealing an estimated 1.5 terabytes of sensitive data.

The stolen information reportedly includes:

  • Patient names, addresses, and dates of birth
  • Social Security numbers and driver’s license details
  • Insurance and billing information
  • Lab results and medical history
  • Images of personal checks and other sensitive documents

Sources put the number of affected individuals at more than 900,000 to over 1 million, spanning multiple states.

While DaVita was able to keep patient care running through contingency plans, the incident forced a significant breach notification effort, ongoing forensic investigations, and coordination with law enforcement.

A Warning For Small Businesses

It’s tempting to look at a high-profile breach like this and think you’re safe, because it only happens to big companies. In reality, small and midsize businesses (SMBs) are often at greater risk, especially in healthcare and related industries.

Here’s why:

  • Small businesses are seen as easier targets – Attackers often believe smaller organizations have fewer security controls, making them more vulnerable.
  • Supply chain targeting is on the rise – Even if you’re not a large provider like DaVita, you may store, process, or have access to sensitive data that connects you to bigger players, making you a potential entry point.
  • Compliance risks are the same – HIPAA and other regulations apply to organizations of all sizes. A breach can result in steep fines, lawsuits, and reputational damage, sometimes severe enough to put an SMB out of business.
  • Cybercriminal tools are now automated – Ransomware kits, phishing campaigns, and credential theft tools are widely available, meaning attackers don’t need to “hand-pick” victims. They cast a wide net and see who’s vulnerable.

ISM’s Recommendations

At ISM, we’ve seen firsthand how devastating breaches can be, both for large healthcare systems and smaller practices. We recommend you take these proactive steps:

  • Encrypt and segment your data – If attackers break into your network, segmented and encrypted data is much harder to access or use.
  • Implement continuous monitoring – Real-time threat detection can stop attacks before they cause significant damage.
  • Harden access controls – Use strong passwords, multi-factor authentication (MFA), and strict permissions to reduce the risk of credential theft.
  • Vet your vendors – Ensure that labs, billing services, and other partners meet the same security and compliance standards you do.
  • Have an incident response plan – The faster you detect, respond, and communicate after an incident, the more damage you can prevent.

Don’t Wait Until You’re a Victim

This attack should serve as a warning for small businesses. Cybersecurity isn’t just a “big company” problem. It’s a business survival issue for organizations of all sizes. Whether you manage a large healthcare network, a specialty clinic, or another data-sensitive business, an outdated security approach puts you in the crosshairs.

ISM can help. Our HIPAA-aware, compliance-focused IT and VoIP solutions are designed to safeguard patient and customer data, reduce downtime, and help you meet evolving regulatory requirements.
