DaVita Inc. Ransomware Attack Disrupts Operations

On April 12, 2025, DaVita Inc., a leading provider of kidney care and dialysis services, discovered a ransomware attack that encrypted certain elements of its network. According to the company’s SEC disclosure, DaVita immediately activated its response protocols and implemented containment measures, including proactively isolating impacted systems. The incident has disrupted some of DaVita’s operations, and while interim measures are in place to restore certain functions, the company has not yet determined the full duration or extent of the disruption.

At this time, DaVita has not disclosed how many people may have been affected, nor has it provided specifics about the types of consumer information that may have been exposed. The company’s investigation is ongoing, and it is working with third-party cybersecurity professionals as well as law enforcement to assess and remediate the situation.

Because the attack involved ransomware and resulted in the encryption of network elements, there is potential risk to both personally identifiable information (PII) and protected health information (PHI), which could include names, addresses, medical records, and other sensitive data. However, DaVita has not confirmed the specific information that may have been compromised.

Given the nature of the ransomware attack and the ongoing investigation, affected individuals should remain vigilant for any signs of identity theft or fraud. It is advisable to monitor your financial accounts, credit reports, and health insurance statements for unusual activity. If you receive any suspicious communications, do not respond or provide personal information. DaVita has not yet announced specific resources for affected individuals, but updates may be provided as the investigation progresses.

For the most current information and official updates, you can refer to DaVita’s official website.