DaVita reports cyberattack impacting portions of network

April 15, 2025

DaVita Inc., a prominent dialysis services provider, recently disclosed that it is contending with a ransomware assault that has disrupted segments of its operations. This revelation was communicated through a regulatory filing with the United States Securities and Exchange Commission on April 12.

The cyberattack targeted specific components of DaVita’s network, prompting the company to activate its cybersecurity response measures and quarantine affected systems. Although patient care has not been significantly impacted, DaVita revealed that the incident continues to disrupt operations, and the full extent of the ransomware attack remains uncertain.

Efforts have been made to reinstate some functionalities, but specific details regarding the duration of potential disruptions have not been shared. An ongoing investigation is in progress, with the extent of potential data breaches yet to be verified.

DaVita released a statement acknowledging the cyber incident, stating, “We are currently experiencing a cyber incident that has impacted certain systems in our network. We have activated backup systems and manual processes to ensure there’s no disruption to patient care. Our teams, along with external cybersecurity experts, are actively investigating this matter and working to restore systems as quickly as possible.”

DaVita, renowned for operating nearly 3,000 outpatient clinics and collaborating with approximately 760 hospitals, catered to approximately 200,000 U.S. patients in the previous year. The CEO of managed service firm Neovera, Scott Weinberg, highlighted the potential gravity of the situation, commenting that given DaVita’s extensive operations, the repercussions could be significant. If patient records were encrypted, sensitive information like medical histories and personal identifiers might be at risk.

Weinberg accentuated the severity of the attack for dialysis patients in critical need of regular treatments, emphasizing that disruptions in time-sensitive healthcare services could exacerbate health conditions. The impact of the cyberattack on patients and the healthcare sector at large underscores the critical need for heightened cybersecurity measures to safeguard sensitive data and ensure uninterrupted access to essential medical services.