American pharmaceutical company Inotiv has disclosed that some of its systems and data have been encrypted in a ransomware attack, impacting the company’s business operations.
In a filing to the U.S. Securities and Exchange Commission (SEC), Inotiv says that the cyberattack occurred on August 8 and took action to contain the breach.
“On August 8, 2025, Inotiv, Inc. became aware of a cybersecurity incident affecting certain of its systems and data,” Inotiv informs.
“The Company’s preliminary investigation determined that a threat actor gained unauthorized access to, and encrypted certain of, the Company’s systems.”
Inotiv started an investigation with the help of external security experts and notified law enforcement authorities of the incident.
The attack was claimed by the Qilin ransomware gang, who alleges to have stolen around 162,000 files amounting to 176GB. The threat actor has also published data samples on their leak site.
Source: BleepingComputer
Inotiv is an Indiana-based contract research organization specializing in drug development, drug discovery and safety assessment, as well as live animal research modeling.
The company employs around 2,000 specialists and has an annual revenue of more than $500 million.
The organization said that the cybersecurity incident has caused disruptions to certain business operations and expects the adverse effects to persist for some time.
Specifically, the incident impacted certain networks and systems that include databases and internal applications used in business processes.
Inotiv’s IT team is working to restore these systems and migrated some of the affected operations to offline alternatives in order to mitigate the impact of the outages caused by the cyberattack.
No estimation has been provided for a return to normal operations.
BleepingComputer has emailed Inotiv to ask about the validity of Qilin ransomware’s claims, but we are still waiting for a reply.
46% of environments had passwords cracked, nearly doubling from 25% last year.
Get the Picus Blue Report 2025 now for a comprehensive look at more findings on prevention, detection, and data exfiltration trends.