Inotiv Faces Data Breach After Ransomware Attack
In early August 2025, Inotiv, a prominent contract research organization specializing in pharmaceutical drug discovery and development services, experienced a significant cybersecurity incident. Between August 5 and August 8, unauthorized actors infiltrated the company’s systems, leading to a data breach. The breach was discovered on August 8, prompting Inotiv to initiate immediate incident response procedures.
The company successfully restored access to its networks and systems and conducted a comprehensive forensic investigation, which has now concluded. During the four-day period of unauthorized access, attackers exfiltrated an unspecified amount of company data. The exact scope and sensitivity of the stolen information remain unclear.
Inotiv has begun notifying relevant parties about the incident in accordance with legal obligations, indicating that state and federal disclosure requirements are being addressed. While the company has identified the likely scope of the breach, it is still evaluating the full operational and financial impacts. Notably, Inotiv has not yet determined whether the incident is likely to have material financial consequences.
This breach adds to Inotiv’s existing operational challenges. The company is managing substantial debt obligations totaling $402.1 million and has recently engaged financial advisors to explore debt refinancing options. In fiscal year 2025, Inotiv reported revenue of $513 million but posted an operating loss of $30.9 million.
The incident highlights the cybersecurity risks faced by pharmaceutical research organizations that manage high-value intellectual property and confidential client data throughout the drug development pipeline.
