Indiana-based pharmaceutical research firm Inotiv has confirmed that its systems were compromised in a ransomware attack earlier this month, disrupting parts of its business operations.
According to a filing with the US Securities and Exchange Commission (SEC), the company detected the incident on August 8. Inotiv said attackers gained unauthorized access and encrypted some of its internal systems and data. The breach has prevented access to certain databases and applications used in day-to-day business processes.
To contain the damage, Inotiv took some of its systems offline and shifted parts of its work to manual alternatives. External cybersecurity experts have been brought in to support the investigation, and the company has notified law enforcement. However, no timeline has been provided for a full recovery.
Qilin Group Claims Responsibility
The Qilin ransomware gang claimed responsibility for the attack on August 11, listing Inotiv on its leak site. The group said it stole nearly 176 GB of data (around 162,000 files) covering:
-
Financial records
-
Research contracts
-
Purchase orders
-
Employee information
Qilin also published a small set of sample documents that appears to support its claims.
“Encrypting key internal systems and exfiltrating 176 GB of proprietary research data puts both operational continuity and intellectual property at grave risk, and the switch to offline workarounds underscores the severity of the disruption,” said Ensar Seker, chief information security officer at SOCRadar.
Read more on ransomware attacks targeting the healthcare sector: Patient Death Linked to NHS Cyber-Attack
Broader Risks For Healthcare Research
Rebecca Moody, head of data research at Comparitech, said incidents like this could have a ripple effect across the industry.
“Attacks on these types of companies that operate within the healthcare sector (but don’t provide direct care) can have far-reaching consequences. This is due to the fact that these companies often deal with a large number of organizations and, therefore, have access to huge datasets across multiple entities,” she explained.
She added that 19 similar attacks worldwide have already been confirmed in 2025, leading to more than 6 million records being breached. In 2024, there were 51 such incidents, most stemming from the Change Healthcare breach.
“As hackers continue to focus on data theft as well as system encryption, organizations like Inotiv remain an attractive target,” Moody said.
“Anyone who works for and with the company should be on high alert for any potential phishing campaigns while monitoring their accounts for any suspicious activity.”
Inotiv, which employs about 2000 people and reported revenues of more than $490m last year, said disruptions from the cyber-attack are expected to continue for some time.
Infosecurity has contacted Inotiv for comment but has not yet received a reply.
No tags.
