DaVita, a major kidney dialysis provider in the United States, disclosed a ransomware attack on April 12, 2025. The attack encrypted certain parts of its network and disrupted some operations. DaVita, which operates over 2,600 outpatient centers, quickly activated response protocols and isolated affected systems to contain the breach. Despite the disruptions, the company assured that patient care continued uninterrupted at its facilities.
The ransomware attack impacted some of DaVita’s internal systems, though it is unclear how severe the damage is. The company is currently investigating the full scope of the attack and the possibility of patient data being stolen. While some systems were encrypted, DaVita stated that contingency plans were implemented to restore operations. No timeline for full restoration has been provided yet.
Ransomware gangs often target organizations during weekends when IT staff is limited, and DaVita’s response was swift in containing the breach. The company’s network is still under investigation, and the incident could potentially lead to further complications, including stolen patient data. Despite this, DaVita emphasized that patient care has remained a priority, and operations at dialysis centers are continuing as normal.
At the time of writing, no major ransomware group has claimed responsibility for the attack. DaVita has not made any announcements regarding significant disruptions at its centers. As the investigation continues, the full impact of the breach will be assessed, and further updates may follow.
Reference:
