Reuters reports:
DaVita said on Monday it had become aware of a ransomware incident that has encrypted some elements of its network, prompting the dialysis firm to implement measures to limit the effect of the breach.
The company discovered the cyberattack on Saturday, but added it “cannot estimate the duration or extent of the disruption at this time”, DaVita said in a regulatory filing.
Read more at The Star.
This is not DaVita’s first data security breach. DataBreaches has reported on several other breaches going back to 2008. In addition to the incidents previously reported on this site, DaVita also reported a hacking incident to HHS in 2022 after an employee fell for a phishing attack. In that incident, 1,092 patients were affected. Then, in July 2024, DaVita reported another incident to HHS. That one involved unauthorized disclosure due to the use of tracking technologies and potentially affected 67,443 patients who visited any websites, patient portals or mobile apps the company owned at least once between Nov. 20, 2017, and Sept. 21, 2023. DaVita settled a class action lawsuit to resolve claims stemming from that incident for $3.8 million.