DaVita, a dialysis company, hit by ransomware attack

DaVita, a kidney care company, is currently dealing with a ransomware attack that was discovered on April 12, 2025, according to a filing with the Securities and Exchange Commission. The attack has resulted in certain parts of the company’s network being encrypted.

With more than 2,600 outpatient centers in the United States and 367 outpatient centers in 11 other countries, DaVita primarily provides kidney dialysis services to patients with end-stage renal disease, requiring three dialysis sessions weekly. Despite the ransomware attack, patient care continues at DaVita, as the company works to address the issue.

DaVita swiftly enacted containment measures, isolating the affected systems, and sought help from cybersecurity professionals and law enforcement agencies. While patient care remains the top priority and contingency plans are in place, the attack is causing disruptions in operations. Interim measures have been implemented to restore some functions, though the full impact and duration of the disruption are yet to be determined.

Due to the recent nature of the incident, DaVita’s investigation and response efforts are ongoing, and the extent of the incident’s impact on the company remains unknown. As the situation develops, this article will be updated with more information.

Jill McKeon, an experienced healthcare cybersecurity and privacy news journalist, has been closely monitoring this development since it unfolded in 2021.

In an effort to maintain patient care amid the ransomware attack, DaVita continues to work tirelessly to address the situation and restore normalcy to its operations. The company’s commitment to cybersecurity and patient well-being remains steadfast as it navigates through this challenging time.