Breach taxonomy
Summary
On August 8, 2025, Inotiv, Inc. identified a cybersecurity incident in which a threat actor gained unauthorized access to and encrypted certain systems. The company activated its business continuity strategy, transitioned operations to offline alternatives, engaged cybersecurity specialists, and notified law enforcement. Internal data storage and business applications were impacted; full restoration timeline was unknown as of filing. Filed under Item 8.01; materiality not yet determined as of filing date.
Tagging rationale
ThreatUnknown
Filing refers only to a generic 'threat actor' with no attribution to a specific category → UNKNOWN.
MethodsRansomware
Filing states 'a threat actor gained unauthorized access to, and encrypted certain of, the Company's systems' → RANSOMWARE.
AssetsRevenue ProcessConfidential Biz
Encrypted systems impacted internal data storage and business applications disrupting company operations; filing mentions possible data access by threat actor → REVENUE-PROCESS + CONFIDENTIAL-BIZ.
EffectsBiz Interruption
Filing states the incident 'has caused, and is expected to continue to cause, disruptions to certain business operations' with availability of systems impacted → BIZ-INTERRUPTION.
Business continuityPartial
Company initiated its business continuity strategy and transitioned certain operations to offline alternatives, but full restoration timeline remains unknown → Partial.
Impact
Ransomware encrypted systems at a contract research organization, disrupting operations; small-to-mid cap company with no quantified financial impact or data exposure confirmed → score 2.
InsuranceNot disclosed
Filing makes no mention of insurance → null.
Read the original SEC filing excerpt
Item 8.01. Other Events. On August 8, 2025, Inotiv, Inc. (the Company) became aware of a cybersecurity incident affecting certain of its systems and data. The Company's preliminary investigation determined that a threat actor gained unauthorized access to, and encrypted certain of, the Company's systems. Upon identifying encrypted systems, the Company took steps to contain, assess, and remediate the cybersecurity incident, including initiating an investigation, engaging external cybersecurity specialists, and restricting access to certain of its systems. The Company has also notified law enforcement. The cybersecurity incident has caused, and is expected to continue to cause, disruptions to certain business operations of the Company. The incident has temporarily impacted the availability of and access to certain of the Company's networks and systems, including access to portions of internal data storage and certain internal business applications. The Company is currently working to bring the impacted portions of its systems back online. In addition, and at the same time, the Company initiated its business continuity strategy and has transitioned certain operations to offline alternatives with the aim of reducing disruption to its business. While the Company is working diligently to restore affected functions and systems access, the timeline for a full restoration is not yet known.