Comparitech has reported that the ransomware gang Interlock today claimed the cyberattack on kidney dialysis company DaVita last week where 1.5 TB of data was stolen.
In a blog post reporting this news, Rebecca Moody, Head of Data Research at Comparitech, wrote:
“Interlock first began adding victims to its data leak site in October 2024. As with most ransomware gangs today, it seeks a ransom payment for the decryption of systems and the deletion of stolen data.”
“Since October 2024, we’ve tracked 13 confirmed attacks via this group and a further 13 unconfirmed attacks that haven’t been acknowledged by the organizations in question.”
“2025 has already seen 17 confirmed attacks on US healthcare companies, as well as a further 80 unconfirmed.”
“As we are seeing with DaVita, ransomware attacks on healthcare companies have the potential for widespread disruption. Not only can patient care be affected when systems are encrypted, but these attacks often have ongoing consequences when data is stolen by hackers. In 2024 alone, nearly 25.7 million individual records were breached across 160 ransomware attacks on US healthcare providers.”
James McQuiggan, Security Awareness Advocate at KnowBe4 had this comment:
“Sadly, it’s another ransomware case, another data leak. The mechanics haven’t changed much: initial access, privilege escalation, exfiltration, extortion. Rinse. Lather. Repeat. What’s still missing in many organizations is the alignment across people, processes, and technology. Cybercriminals rely on simple vectors like phishing or weak external access with unpatched systems or credential stuffing.”
“Cybercriminals will steal data before encrypting it, so preventative measures must include outbound traffic monitoring and to consider controls to limit data movement. Good backups help recovery but don’t neutralize extortion. Organizations need plans for data leaks, not just complete data loss. Cybersecurity teams need tested response plans for encryption and extortion; if not, you’re unprepared for an attack. Coordinate with legal, comms, IT, and incident response teams before it’s public.”
“Technology alone can’t solve the human risk aspect. Reduce risk by building a strong security culture where security habits are reinforced, measured, and modeled from the top. Ensure cybersecurity teams coordinate across executives, IT, compliance, legal, and communications to reduce the opportunity for a cybercriminal to have the upper hand.”
I am truly afraid that ransomware attacks are out of control at this point. This is scary as nobody is safe. This is not a good place to be in. Something needs to change on this front and fast.
Related
This entry was posted on April 24, 2025 at 12:54 pm and is filed under Commentary with tags Comparitech. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Interlock claims attack on kidney dialysis company DaVita – 1.5 TB of data stolen
Comparitech has reported that the ransomware gang Interlock today claimed the cyberattack on kidney dialysis company DaVita last week where 1.5 TB of data was stolen.
In a blog post reporting this news, Rebecca Moody, Head of Data Research at Comparitech, wrote:
“Interlock first began adding victims to its data leak site in October 2024. As with most ransomware gangs today, it seeks a ransom payment for the decryption of systems and the deletion of stolen data.”
“Since October 2024, we’ve tracked 13 confirmed attacks via this group and a further 13 unconfirmed attacks that haven’t been acknowledged by the organizations in question.”
“2025 has already seen 17 confirmed attacks on US healthcare companies, as well as a further 80 unconfirmed.”
“As we are seeing with DaVita, ransomware attacks on healthcare companies have the potential for widespread disruption. Not only can patient care be affected when systems are encrypted, but these attacks often have ongoing consequences when data is stolen by hackers. In 2024 alone, nearly 25.7 million individual records were breached across 160 ransomware attacks on US healthcare providers.”
James McQuiggan, Security Awareness Advocate at KnowBe4 had this comment:
“Sadly, it’s another ransomware case, another data leak. The mechanics haven’t changed much: initial access, privilege escalation, exfiltration, extortion. Rinse. Lather. Repeat. What’s still missing in many organizations is the alignment across people, processes, and technology. Cybercriminals rely on simple vectors like phishing or weak external access with unpatched systems or credential stuffing.”
“Cybercriminals will steal data before encrypting it, so preventative measures must include outbound traffic monitoring and to consider controls to limit data movement. Good backups help recovery but don’t neutralize extortion. Organizations need plans for data leaks, not just complete data loss. Cybersecurity teams need tested response plans for encryption and extortion; if not, you’re unprepared for an attack. Coordinate with legal, comms, IT, and incident response teams before it’s public.”
“Technology alone can’t solve the human risk aspect. Reduce risk by building a strong security culture where security habits are reinforced, measured, and modeled from the top. Ensure cybersecurity teams coordinate across executives, IT, compliance, legal, and communications to reduce the opportunity for a cybercriminal to have the upper hand.”
I am truly afraid that ransomware attacks are out of control at this point. This is scary as nobody is safe. This is not a good place to be in. Something needs to change on this front and fast.
Share this:
Like this:
Related
This entry was posted on April 24, 2025 at 12:54 pm and is filed under Commentary with tags Comparitech. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.