American pharmaceutical services firm Inotiv has disclosed a cybersecurity incident that encrypted parts of its systems and data, forcing portions of the business to shift to contingency operations. The company reported the Inotiv ransomware attack in a filing to the U.S. Securities and Exchange Commission and said it took immediate steps to contain the breach discovered on August 8.
What Inotiv Disclosed to Regulators
Inotiv said the intrusion affected “certain” systems and data and that a preliminary review points to unauthorized access followed by encryption of specific assets. In its SEC notice, the company stated:
“On August 8, 2025, Inotiv, Inc. became aware of a cybersecurity incident affecting certain of its systems and data. The Company’s preliminary investigation determined that a threat actor gained unauthorized access to, and encrypted certain of, the Company’s systems.”
The company has engaged external cybersecurity experts and notified law enforcement. It cautioned that disruptions to some business processes are ongoing and that adverse effects are expected to persist for a period of time. No estimate for full restoration was provided.
Inotive listed on the Qilin ransomware website
Source: BleepingComputer
Qilin Ransomware Claims and Data Posted
The Qilin ransomware group has claimed responsibility, alleging the theft of roughly 162,000 files totaling about 176GB. The threat actor also posted data samples on its leak site. Inotiv has not confirmed those claims. Media inquiries seeking comment on Qilin’s assertions have been sent; responses were not immediately available.
Scope of Operational Disruption and Recovery Steps
The Inotiv ransomware attack impacted internal networks and applications used in day-to-day operations, including databases and proprietary tools. Inotiv’s IT team is restoring systems in phases and has moved some affected functions to offline alternatives to reduce downtime. The company indicated operations continue, but with localized disruption where systems were encrypted or segmented for containment.
Key points disclosed include:
- Encryption of certain systems and data following unauthorized access
- Impact to internal applications and databases used in business workflows
- Migration of some activities to offline processes while recovery progresses
- Ongoing collaboration with law enforcement and retained incident-response specialists
Who Inotiv Is and Why the Target Matters
Inotiv is an Indiana-based contract research organization serving pharmaceutical and biotech customers with drug discovery, drug development, safety assessment, and live animal research modeling. The company employs about 2,000 specialists and reports annual revenue exceeding $500 million. Given its role in regulated research and development, outages affecting clinical or preclinical support systems can have extended knock-on effects across studies, timelines, and client deliverables.
What Remains Unknown
While containment and recovery are underway, several details have not been disclosed. Inotiv has not specified which environments were affected, what categories of data were encrypted or accessed, or whether any regulated or client-owned information is implicated. The company also has not provided a timeline for full operational recovery.
