DaVita Faces Disruption After Ransomware Attack on Network

April 14, 2025 — DaVita, a prominent provider of dialysis services in the United States, disclosed on Monday that it fell victim to a ransomware attack that encrypted parts of its network over the weekend. The attack has caused disruptions in some of the company’s operations, although patient care continues at its facilities.

In a regulatory filing, DaVita reported that it discovered the cyberattack on Saturday and is currently assessing the situation with the assistance of third-party cybersecurity professionals. The company has also informed law enforcement about the incident. Despite activating response protocols and implementing containment measures, DaVita stated it was unable to estimate the duration or extent of the operational disruptions at this time.

DaVita operates nearly 3,000 outpatient clinics and provides at-home dialysis services. In the past year, the company has served approximately 200,000 patients across the United States, as indicated in its annual report. The recent attack raises concerns as it follows a troubling trend of cyberattacks affecting the U.S. healthcare sector.

For instance, a U.S. unit of DaVita’s competitor, Fresenius Medical Care, experienced a significant data breach earlier this year, compromising the information of 500,000 patients. Furthermore, last year, a ransomware attack on UnitedHealth Group’s tech unit affected the personal information of 100 million individuals and led to widespread disruptions in health insurance claim processing.

“We have implemented our contingency plans, and we continue to provide patient care,” a DaVita representative stated. As of now, the company has not issued any announcements regarding the disruptions at its dialysis centers on its website or social media channels.

This incident underlines the increasing vulnerabilities of healthcare providers to cyber threats, which often lead to significant concerns regarding patient data security. Intertwined with ongoing challenges in the healthcare industry, such attacks further complicate the delivery of essential medical services.

DaVita confirmed that it is investigating the potential ramifications of the attack, including whether any patient data was compromised. This aspect remains crucial, as ransomware groups frequently seek to extort companies by threatening to release stolen information.

The full impact of the attack on DaVita’s operations and its patients will likely become clearer as the investigation progresses. The company continues to prioritize patient treatment while managing the ongoing cyber crisis.