On August 8, 2025, Inotiv, Inc. (the “Company”) became aware of a cybersecurity incident affecting certain of its systems and data. The Company’s preliminary investigation determined that a threat actor gained unauthorized access to, and encrypted certain of, the Company’s systems. Upon identifying encrypted systems, the Company took steps to contain, assess, and remediate the cybersecurity incident, including initiating an investigation, engaging external cybersecurity specialists, and restricting access to certain of its systems. The Company has also notified law enforcement.
The cybersecurity incident has caused, and is expected to continue to cause, disruptions to certain business operations of the Company. The incident has temporarily impacted the availability of and access to certain of the Company’s networks and systems, including access to portions of internal data storage and certain internal business applications. The Company is currently working to bring the impacted portions of its systems back online. In addition, and at the same time, the Company initiated its business continuity strategy and has transitioned certain operations to offline alternatives with the aim of reducing disruption to its business. While the Company is working diligently to restore affected functions and systems access, the timeline for a full restoration is not yet known.
The Company’s investigation of the cybersecurity incident is ongoing, and the full scope, nature and impacts, including operational and financial impacts, of the incident are not yet known. Accordingly, the Company has not yet determined whether the incident is reasonably likely to have a material impact on the Company.
Source: https://www.sec.gov/Archives/edgar/data/720154/000162828025040658/notv-20250808.htm
