DaVita Ransomware Attack Investigation

The data privacy lawyers at The Lyon Firm are investigating a recent data security incident announced at DaVita, the kidney dialysis company. According to an April 14, 2025, 8K filing with the U.S. Securities and Exchange Commission (SEC), DaVita was targeted in a ransomware attack that resulted in encryption of parts of its IT network.

It is important to understand the risks of a possible data breach at any healthcare organization that has collected and stored your personal data. Medical identity theft and fraud have plagued the healthcare industry as it is seen as low hanging fruit by many hackers and ransomware groups. Many healthcare companies store large amounts of valuable data that can include the following:

• Names
• Dates of Birth
• Addresses
• Social Security numbers
• State ID or driver’s license numbers
• Health insurance information
• Medical records
• Financial information
• Biometrics

What happened at DaVita?

The alleged DaVita ransomware attack occurred on Saturday, April 12, 2025, and has impacted some operations. DaVita explained that its incident response protocols are allowing that care can continue and while there may be some disruptions, all dialysis centers remain open and patient care continues to be provided.

Third-party cybersecurity professionals have been hired, and more details will emerge in the coming weeks. The company has only been able to offer statements like the following: “Given the recency of the incident, our investigation and response are ongoing, and the full scope, nature, and potential ultimate impact on the Company are not yet known.”

Unfortunately, this is not DaVita’s first data security breach. The company reported a phishing attack/hacking incident to HHS in 2022.  They reported another incident to HHS in 2024 affecting as many as 67,443 patients. The Denver company operates over 2,650 outpatient treatment centers in the United States, and served around 200,000 patients.