Dialysis firm DaVita suffers ransomware attack

Dialysis firm DaVita is responding to a ransomware attack that it discovered on April 12, 2025, the company revealed in a Securities and Exchange Commission 8-K filing. The ransomware attack has encrypted certain elements of the company's network.

DaVita provides kidney dialysis services at more than 2,600 outpatient centers in the U.S. and 367 outpatient centers in 11 other countries. It primarily treats patients with end-stage renal disease, which requires kidney dialysis three times weekly.

According to the filing, patient care is continuing as DaVita responds to the ransomware attack, which has not yet been formally claimed by any ransomware group.

DaVita immediately implemented containment measures and isolated impacted systems. The firm also engaged third-party cybersecurity professionals and law enforcement.

"We have implemented our contingency plans, and we continue to provide patient care. However, the incident is impacting some of our operations, and while we have implemented interim measures to allow for the restoration of certain functions, we cannot estimate the duration or extent of the disruption at this time," DaVita stated.

"Given the recency of the incident, our investigation and response are ongoing, and the full scope, nature, and potential ultimate impact on the Company are not yet known."

This article will be updated as more information becomes available.

Jill McKeon has covered healthcare cybersecurity and privacy news since 2021.