DaVita Systems Outage

DaVita Incident Update

Last Updated: April 28, 2025

DaVita continues working diligently to respond to and address the recent cybersecurity incident. We are continuing to make progress in our restoration and recovery, and importantly, care delivery continues, and we continue to accept patients.

We are in the process of conducting a thorough review of the data involved in this incident. We are working as quickly as possible and will notify any affected parties and individuals, as appropriate. Thank you, and we remain committed to supporting our DaVita community.

Frequently Asked Questions (FAQs)

1. What happened?

On April 12, 2025, DaVita became aware of a ransomware incident affecting and encrypting certain on-premises systems. We activated our incident response protocols and implemented containment measures, including proactively disconnecting parts of the network.

External cybersecurity experts are assisting with our response, remediation and recovery efforts, and we are making progress in rebuilding and restoring encrypted systems and bringing them back online in a secure manner. While the incident has resulted in disruption to our internal operations, we continue to have contingency plans in place where needed with a focus on continuity of patient care.

Importantly, care delivery at our centers and for patients treated at home continues, and we continue to accept new patients.

2. What is DaVita doing to address this incident?

DaVita IT, security, and external cybersecurity experts are working diligently to investigate and address the incident. DaVita has taken steps, including the following:

  • Care Continuity: While the incident has resulted in disruption to our internal operations, we continue to have contingency plans in place where needed with a focus on continuity of patient care. Importantly, care delivery at our centers and for patients treated at home continues, and we continue to accept patients.
  • Containment and Remediation: DaVita activated its incident response protocols and implemented containment measures, including proactively disconnecting parts of the network. We also engaged Palo Alto’s Unit 42, Mandiant and CYPFER to assist with response, remediation and recovery efforts. When we determined this was a ransomware incident, we disconnected the affected systems from our network. Those systems are isolated and remain offline with no network traffic coming in or out of the environment to them.
  • Recovery and Restoration: We are in the process of rebuilding and restoring encrypted systems and bringing them back online in a secure manner.

3. Is patient care disrupted?

While the incident has resulted in disruption to our internal operations, we continue to have contingency plans in place where needed with a focus on continuity of patient care. Importantly, care delivery at our centers and for patients treated at home continues, and we continue to accept new patients.

4. Is DaVita accepting new patients?

Yes, DaVita is accepting new patients. For discharge planners, if you have a patient that is ready for discharge, please use these channels to submit referrals:

  • If you typically use the DaVita Patient Portal (DPP), please use the main fax line to send us referrals/records: 866-720-0766
  • If you typically refer using a care coordination tool, it’s fully operational. Please continue to send referrals through this channel.
  • If you work with a DaVita Dialysis Transition Manager, feel free to contact them by phone if you’re waiting on an update for previously submitted requests.
  • For questions on admissions, contact DaVita at 888-920-6577.

5. What data was compromised?

We are in the process of conducting a thorough review of the data involved in this incident. We are working as quickly as possible and will notify any affected parties and individuals, as appropriate.

6. I heard that data was posted on the dark web. Is that true?

We are aware of the post on the dark web and are in the process of conducting a thorough review of the data involved. We are working as quickly as possible and will notify any affected parties and individuals, as appropriate.  

7. When will you be fully operational?

We are in the process of rebuilding and restoring encrypted systems and bringing them back online in a secure manner. Currently, we are not able to provide a timeline for full restoration. We continue to update our partners as we build on our restoration progress.

8. What steps have you taken to improve your network security?

We activated our incident response protocols and implemented containment measures, including proactively disconnecting parts of the network. We are now in the process of rebuilding and restoring encrypted systems and bringing them back online in a secure manner alongside cybersecurity experts at Unit 42, Mandiant and CYPFER.

9. Is law enforcement aware of the incident?

Yes. We are cooperating and coordinating with law enforcement.

10. Have regulators been notified of the incident?

Yes. DaVita has notified Centers for Medicare & Medicaid Services, filed an 8-K report with the U.S. Securities and Exchange Commission and is also working with other government authorities, including the Federal Bureau of Investigation on this matter.

11. Where do I get more information?

While our investigation is ongoing, we will continue to provide updates on this webpage as appropriate.

Other Questions?

If your question wasn’t answered here, please use this form to submit an inquiry.

cONTACT uS

© 2004-2025 DaVita Inc. All rights reserved. Notice of Nondiscrimination | Privacy Policy | Manage Cookies | Notice of Privacy Practices | Exercise Your Privacy Rights | Terms of Use | Accessibility Statement | Help Center | Site Map

Cash Prices/Costs for Coronavirus (COVID) Diagnostic Tests

This site is for informational purposes only and is not intended to be a substitute for medical advice from a medical provider.

Please check with a medical professional if you need a diagnosis and/or for treatments as well as information regarding your specific condition. In case of emergency, call 9-1-1 or go to the nearest emergency department.