DaVita Inc., a major provider of kidney dialysis services, experienced a ransomware attack that disrupted some of its operations.
The attack, which involved the encryption of parts of DaVita’s network, occurred over the weekend. The company disclosed the incident on Monday.
DaVita operates nearly 3,000 outpatient clinics across the United States and partners with approximately 760 hospitals.
Last year, the company served around 200,000 patients in the U.S. Despite the disruption, DaVita reported that patient care has continued, as the company activated its cybersecurity response protocols. The firm worked to isolate the affected systems to prevent further impact.
Ransomware attacks typically involve hackers encrypting files on a network, rendering them inaccessible to the victim.
Attackers then demand a ransom payment in exchange for a decryption key. DaVita has not disclosed whether a ransom demand was made, nor has it mentioned any attempts to negotiate with the attackers.
The company stated that its cybersecurity team is actively working with external experts to investigate the scope of the attack and to restore normal operations. DaVita is also notifying law enforcement agencies and relevant regulators about the incident.
The exact nature and origin of the attack remain unknown. The company has not commented on the potential perpetrators or the methodology used in the attack. DaVita continues to assess the situation and its impact on operations.
In response to the incident, DaVita emphasized its commitment to protecting patient data and privacy. The company is taking steps to ensure the security of its network and has reinforced its security measures to guard against future attacks.
Healthcare organizations have increasingly become targets for cybercriminals, with ransomware attacks posing significant risks to patient safety and data integrity.
The healthcare sector accounted for 34% of all ransomware cases last year, according to cybersecurity firm Sophos.
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have repeatedly issued alerts to the healthcare sector about the rising threat of ransomware attacks.
Cybersecurity experts suggest that healthcare companies should regularly update their systems, use multifactor authentication, and train employees on cybersecurity awareness to reduce the risk of ransomware infections.
As DaVita continues to manage the incident, the company has assured patients and partners that it remains committed to providing uninterrupted care. The firm has not provided a timeline for the complete restoration of its network, but it is focused on returning to normal operations as soon as possible.
