Kidney dialysis firm DaVita hit by weekend ransomware attack

April 14, 2025

DaVita

Kidney dialysis firm DaVita disclosed Monday it suffered a weekend ransomware attack that encrypted parts of its network and impacted some of its operations.

DaVita is a major provider of kidney care services in the United States, operating over 2,600 outpatient treatment centers that provide dialysis to those suffering from kidney disease. It is a Fortune 500 organization with 76,000 employees in 12 countries and an annual revenue that surpasses $12.8 billion.

The company disclosed today in an SEC FORM-8K filing that it suffered a ransomware attack on Saturday that encrypted some of the systems on its network. It is common for ransomware gangs to deploy encryptors over the weekend when IT teams are understaffed and less likely to respond quickly.

"On April 12, 2025, DaVita Inc. became aware of a ransomware incident that has encrypted certain elements of our network," reads the 8-K filing.

"Upon discovery, we activated our response protocols and implemented containment measures, including proactively isolating impacted systems."

The attack and response efforts have resulted in some operations being adversely impacted, and even though interim measures have been implemented to aid their restoration, a timeline could not be provided.

However, despite the disruption, DaVita says they continue providing patient care at their facilities.

DaVita noted that an investigation into the incident is underway, so its full scope hasn't been determined yet.

This includes the possibility of patient data being stolen from the breached systems, a common tactic followed by ransomware gangs to strengthen their post-encryption extortion stage.

At the time of writing, there are no announcements on DaVita's website or social media channels about disruptions at its dialysis centers, and the company stated that patient care continues.

"We have implemented our contingency plans, and we continue to provide patient care," stated DaVita.

BleepingComputer has contacted DaVita to find out, and we will update this post as soon as we hear back.

Currently, there are no announcements from major ransomware groups claiming responsibility for the attack at DaVita.

source: BleepingComputer

Microsoft tells Windows users to ignore 0x80070643 WinRE errors

Enhancing your DevSecOps with Wazuh, the open source XDR platform

Free online web security scanner

Don't show website scan report rating on the leaderboard

Top News: