Pharmaceutical Firm Inotiv Discloses Ransomware Attack and Data Breach
The West Lafayette, Indiana-based pharmaceutical research company Inotiv has recently disclosed a ransomware attack and data breach that involved the exfiltration of sensitive data from its network. Inotiv employs around 2,000 people and has an annual revenue of over $510 million. The company specializes in drug discovery, drug development, and research modelling.
The ransomware attack was detected on August 8, 2025, when access to certain networks, systems, and data storage was prevented, resulting in disruption to some of its business operations. Inotiv confirmed in a December 3, 2025, filing with the U.S. Securities and Exchange Commission (SEC) that it has successfully restored access to the affected networks and systems and has finished its internal investigation into the attack.
The investigation confirmed that a ransomware group had access to its network between approximately August 5 and August 8, 2025, during which time certain data may have been acquired. According to the breach notice filed with the Maine Attorney General, the information of 9,542 individuals was involved, including names, addresses, dates of birth, Social Security numbers, driver’s license numbers/government ID numbers, credit/debit card information, medical information, and health insurance information. The affected individuals include current and former employees and their dependents, and other individuals who had interactions with the company or companies acquired by Inotiv.
Ransomware attacks involve a ransom demand, although Inotiv did not mention any such demand for payment. The ransomware group behind the attack was not disclosed by Inotiv; however, the Qilin ransomware group claimed responsibility for the attack and added Inotiv to its dark web data leak site in mid-August. Qilin claimed to have exfiltrated 176 GB of data in the attack. Qilin is currently one of the most active ransomware-as-a-service groups and has previously targeted healthcare and pharmaceutical firms. One of the group’s most damaging attacks was the ransomware attack on the UK pathology services provider Synnovis, which led to a months-long blood shortage and caused massive disruption to business operations.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The Qilin data leak site no longer lists the pharmaceutical firm, which suggests a ransom has likely been paid. In the SEC filing, Inotiv said the impact of the attack is still being evaluated, so it is currently unclear if the attack will have any material impact on its financial position. Notification letters have been mailed to the affected individuals, who have been offered 24 months of complimentary credit monitoring and identity theft protection services.
