DaVita, one of the largest dialysis providers in the US, was hit by a ransomware attack over the weekend. The company reported the incident in an SEC filing on Monday, April 14. The cyberattack happened on Saturday, April 12, and has caused disruptions across parts of DaVita’s network.

The attack encrypted some of the company’s systems, but DaVita says all of its outpatient centers remain open. The company runs more than 2,650 centers in the US and 509 more in 13 other countries, serving around 200,000 American patients each year. These centers provide vital dialysis treatment, which patients with kidney disease need regularly to stay healthy.

DaVita said its incident response team acted right away. Affected systems were taken offline to contain the damage, and backup systems were brought online. Manual procedures are also being used so that patient care can continue. The company has not said how long the disruptions may last.

“Given the recency of the incident, our investigation and response are ongoing,” DaVita stated in its official SEC filing. “The full scope, nature, and potential ultimate impact on the company are not yet known.”

Cybersecurity experts from outside the company are helping with the investigation, and law enforcement has been contacted. So far, no ransomware group has taken credit for the attack.

It’s also still unclear whether any sensitive patient data was accessed or stolen. While many recent ransomware attacks focus on stealing data rather than just locking systems, DaVita said it’s too early to confirm what kind of information, if any, may have been taken.

The company is still working to fully assess the damage and restore its systems.