UPDATES
1
2
2
1
threat
UPDATES
1
US
US kidney dialysis firm DaVita has confirmed it was hit by a ransomware attack that encrypted parts of its network. The company has since activated its response protocols and isolated the affected systems.
2
UK
Google Threat Intelligence researchers have issued a warning, stating that the threat actors behind recent cyber intrusions targeting UK retailers are now employing similar social engineering tactics against companies in the US retail sector.
While DaVita has not yet provided details on the extent of the operational impact or the anticipated duration of the disruption, it stated in a securities filing that patient care is continuing, with backup systems and manual processes activated.
The cybercrime group, potentially UNC3944 or Scattered Spider( though formal attribution is yet to be confirmed by Mandiant and Google), is suspected to be behind the attacks on British firms Harrods, Co-op and M & S, which began in April 2025.
A DaVita spokesperson assured that external cybersecurity experts are assisting in the investigation and working to restore systems as quickly as possible. This incident follows a trend of increasing ransomware attacks targeting the healthcare sector, with a significant number of healthcare organisations reporting attacks in the past year. The full scope and ultimate impact of the DaVita ransomware attack are currently unknown.
According to the researchers, the methods and procedures observed in the US attacks mirror those seen in the UK incidents, indicating a shift in the group’ s focus. While no specific US companies have been named, the warning highlights a concerning trend of escalating and geographically expanding cyber threats within the retail industry.
2
1
24 WWW. INTELLIGENTCISO. COM