On April 12, 2025, DaVita—a dialysis provider participating in VA’s Veteran Community Care Program—experienced a ransomware cybersecurity incident on its internal systems that resulted in the compromise of some patient records. Although VA’s systems were not affected, we’ve continued to monitor the situation as DaVita maintains Veteran health information in its system.

Currently, forensic investigators and the FBI continue their work to determine the extent of the breach. We know how important privacy is and will provide updates as there is information to share.

What you need to know

  • Veteran care is not affected. Health care services at DaVita facilities are continuing without interruption.
  • All DaVita patients will receive a letter explaining the situation and announcing at least 12 months of free identity monitoring services from Experian Identity Works beginning approximately July 31, 2025. To enroll, follow the instructions in the letter or call 833-931-7489.

Additional fraud protection resources

Protecting Veterans’ personal health information is—and always will be—one of our top priorities. We will continue to monitor this incident closely and provide updates as they become available.

Topics in this story

CyberDaVitaInformation

Link Disclaimer

This page includes links to other websites outside our control and jurisdiction. VA is not responsible for the privacy practices or the content of non-VA Web sites. We encourage you to review the privacy policy or terms and conditions of those sites to fully understand what information is collected and how it is used.

Leave a comment

The comments section is for opinions and feedback on this particular article; this is not a customer support channel. If you are looking for assistance, please visit Ask VA or call 1-800-698-2411. Please, never put personally identifiable information (SSAN, address, phone number, etc.) or protected health information into the form — it will be deleted for your protection.

More Stories