Inotiv
Company Details
Linkedin ID:
inotiv
Website:
Employees number:
1,799
Number of followers:
10,559
NAICS:
5417
Industry Type:
Homepage:
inotiv.com
IP Addresses:
0
Company ID:
INO_1925094
Scan Status:
In-progress
Inotiv Company CyberSecurity Posture
inotiv.com
WHERE INSIGHTS LEAD TO ANSWERS Expect More In choosing a partner for discovery, development and research models, expect more: more attention, more insight, and a superlative experience. You’ve worked hard to get this far, and you deserve a provider seamlessly aligned to your needs and goals. Through scientific leadership and ongoing investments, Inotiv delivers a comprehensive range of services and products that will exceed your expectations. Benefit from our long and impeccable regulatory history, world class team of scientists, and track record of providing attentive, decisive service. Answering the right questions on time and with high-quality data is the key to achieving your objectives. At Inotiv, that is our focus: to provide you with both the broad scope and right-size solutions essential to your success. Gain the insights you deserve to get the answers you need. Expect more — with Inotiv. Inotiv is a Top Workplaces 2023 Winner.
Inotiv A.I CyberSecurity Scoring
Inotiv Risk Score (AI oriented)Between 0 and 549
Inotiv
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Inotiv Global Score (TPRM)XXXX
Inotiv
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Inotiv Company CyberSecurity News & History
Past Incidents
3
Attack Types
1
Inotiv
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: Inotiv, a pharmaceutical R&D company, fell victim to a ransomware attack where cybercriminals encrypted critical parts of its network, forcing systems offline and halting operations. The attackers claimed to have exfiltrated and publicly leaked over **170 GB of sensitive data**, including proprietary research, clinical trial information, and potentially patient or employee records. The disruption threatened ongoing drug development, compromised data integrity, and risked delays in life-saving treatments. The attack’s scale and targeting of high-value pharmaceutical IP—combined with operational shutdowns—posed severe financial, reputational, and regulatory repercussions. Given the sector’s reliance on precise data for drug approvals and patient safety, the breach’s cascading effects could extend to partners, trials, and ultimately public health. Recovery efforts likely involved costly system restoration, forensic investigations, and potential regulatory fines under frameworks like **HIPAA** or **GDPR** for mishandled sensitive data.
Inotiv Reports Massive Data Breach Impacting Thousands
Ransomware
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: **Inotiv Hit by Ransomware Attack, Exposing Sensitive Data of Nearly 10,000 Individuals** Inotiv, a leading research organization, disclosed a ransomware attack that compromised the personal information of 9,542 individuals. The breach, which involved unauthorized access to the company’s systems, exposed highly sensitive data, including names, addresses, Social Security numbers, and financial and medical records. The attack underscores the growing threat of ransomware, particularly against organizations handling confidential information. Cybercriminals successfully infiltrated Inotiv’s infrastructure, demonstrating that even well-established entities remain vulnerable to sophisticated cyber threats. The stolen data poses significant risks, including identity theft and financial fraud, with potential long-term consequences for affected individuals. In response, Inotiv launched an investigation in collaboration with cybersecurity experts to assess the full extent of the breach and prevent future incidents. Affected individuals are being notified, and mitigation efforts are underway to address the fallout. This incident reflects a broader trend of ransomware attacks targeting sectors with sensitive data, highlighting the need for enhanced cybersecurity measures. While Inotiv works to strengthen its defenses, the breach serves as a reminder of the persistent and evolving nature of cyber threats.
Inotiv
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: Inotiv, an American pharmaceutical company specializing in drug development, drug discovery, safety assessment, and live animal research, suffered a **ransomware attack** on **August 8, 2025**. The **Qilin ransomware gang** encrypted critical systems and data, stealing approximately **162,000 files (176GB)** and publishing samples on their leak site. The attack disrupted **business operations**, including databases and internal applications essential for core processes. While Inotiv initiated containment measures, migrated some operations offline, and engaged external security experts, the **outages persist with no estimated recovery timeline**. The incident has caused **significant operational disruptions**, affecting a company with **2,000 employees and $500M+ annual revenue**. The long-term financial, reputational, and operational impacts remain unclear as investigations continue.
Inotiv Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Inotiv
Incidents vs Research Services Industry Average (This Year)
Inotiv has 476.92% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Inotiv has 361.54% more incidents than the average of all companies with at least one recorded incident.
Incident Types Inotiv vs Research Services Industry Avg (This Year)
Inotiv reported 3 incidents this year: 0 cyber attacks, 3 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — Inotiv (X = Date, Y = Severity)
Inotiv cyber incidents detection timeline including parent company and subsidiaries
Inotiv Company Subsidiaries
WHERE INSIGHTS LEAD TO ANSWERS Expect More In choosing a partner for discovery, development and research models, expect more: more attention, more insight, and a superlative experience. You’ve worked hard to get this far, and you deserve a provider seamlessly aligned to your needs and goals. Through scientific leadership and ongoing investments, Inotiv delivers a comprehensive range of services and products that will exceed your expectations. Benefit from our long and impeccable regulatory history, world class team of scientists, and track record of providing attentive, decisive service. Answering the right questions on time and with high-quality data is the key to achieving your objectives. At Inotiv, that is our focus: to provide you with both the broad scope and right-size solutions essential to your success. Gain the insights you deserve to get the answers you need. Expect more — with Inotiv. Inotiv is a Top Workplaces 2023 Winner.
Loading...
Inotiv Similar Companies
CEA
The CEA is the French Alternative Energies and Atomic Energy Commission ("Commissariat à l'énergie atomique et aux énergies alternatives"). It is a public body established in October 1945 by General de Gaulle. A leader in research, development and innovation, the CEA mission statement has two main
CNRS
The French National Centre for Scientific Research is among the world's leading research institutions. Its scientists explore the living world, matter, the Universe, and the functioning of human societies in order to meet the major challenges of today and tomorrow. Internationally recognised for the
Los Alamos National Laboratory is one of the world’s most innovative multidisciplinary research institutions. We're engaged in strategic science on behalf of national security to ensure the safety and reliability of the U.S. nuclear stockpile. Our workforce specializes in a wide range of progressive
Chinese Academy of Sciences
The Chinese Academy of Sciences (CAS) is the lead national scientific institution in natural sciences and high technology development in China and the country's supreme scientific advisory body. It incorporates three major parts: a comprehensive research and development network consisting of 104 res
University of Cambridge
The University of Cambridge is one of the world's foremost research universities. The University is made up of 31 Colleges and over 150 departments, faculties, schools and other institutions. Its mission is 'to contribute to society through the pursuit of education, learning, and research at the hi
Utrecht University
At Utrecht University (UU), we are working towards a better world. We do this by researching complex issues beyond the borders of disciplines. We put thinkers in contact with doers, so new insights can be applied. We give students the space to develop themselves. In so doing, we make substantial con
UCL
UCL (University College London) is London's leading multidisciplinary university, ranked 9th in the QS World University Rankings. Established in 1826 UCL opened up education in England for the first time to students of any race, class or religion and was also the first university to welcome female
Imperial College London
Consistently rated in the top 10 universities in the world, Imperial College London is the only university in the UK to focus exclusively on science, medicine, engineering and business. At Imperial we bring together people, disciplines, industries and sectors to further our understanding of the n
The University of Edinburgh
Imagine what you could do at a world-leading university that is globally recognised for its teaching, research and innovation. The University of Edinburgh has been providing students with world-class teaching for more than 425 years, unlocking the potential of some of the world's leading thinkers
.png)
Inotiv CyberSecurity News
November 21, 2025 12:10 PM
Inotiv, Inc. to Announce Fiscal 2025 Fourth Quarter and Full Year Financial Results on December 3, 2025
Inotiv, Inc. will release fiscal 2025 Q4 and full year results on December 3, 2025, followed by a co.
November 21, 2025 12:07 PM
Inotiv, Inc. to Report Fiscal 2025 Fourth Quarter and Full Year Financial Results and Host Conference Call on Wednesday, December 3, 2025
WEST LAFAYETTE, Ind., Nov. 21, 2025 (GLOBE NEWSWIRE) -- Inotiv, Inc. (NASDAQ: NOTV) (the 'Company”, or 'Inotiv”), a leading contract...
September 25, 2025 07:00 AM
Inotiv Enters Settlement Agreement For Securities Class Action - SEC Filing
INOTIV: 2025 CYBERSECURITY INCIDENT IS EXPECTED TO CONTINUE TO CAUSE, DISRUPTIONS TO CERTAIN BUSINESS OPERATIONS OF CO -SEC FILING.
September 25, 2025 07:00 AM
Inotiv Settles Securities Class Action Lawsuit
Inotiv ( ($NOTV) ) has provided an announcement. On September 25, 2025, Inotiv, Inc. agreed to settle a securities class action and two...
September 12, 2025 07:00 AM
Attackers are coming for drug formulas and patient data
Pharma companies face growing cybersecurity risks that threaten clinical trial data, patient records, and proprietary drug formulas.
August 28, 2025 07:00 AM
Inotiv Data Breach: 176 GB of Sensitive Data Stolen
Discover the impact of Inotiv's data breach involving 161967 files and 176 GB of sensitive drug development data. Learn how to protect your...
August 27, 2025 07:00 AM
The Week in Breach News: August 25, 2025
R&D data is snatched from Nissan and Kaseya Labs dives into a critical WinRAR vulnerability.
August 25, 2025 07:00 AM
Ransomware Attack Hits Drug Research Firm Inotiv, Disrupts Operations, and Leaks Data
A ransomware attack has forced drug research firm Inotiv to shut down critical systems, resulting in operational disruptions.
August 21, 2025 12:56 PM
Cyber Attack on Workday and Qilin Ransomware attack on Inotiv
Inotiv, a prominent U.S. pharmaceutical company, has reportedly been attacked by the Qilin Ransomware group. The attack, which occurred on August 8, 2025, led...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Inotiv CyberSecurity History Information
Official Website of Inotiv
The official website of Inotiv is https://www.inotiv.com/.
Inotiv’s AI-Generated Cybersecurity Score
According to Rankiteo, Inotiv’s AI-generated cybersecurity score is 100, reflecting their Critical security posture.
How many security badges does Inotiv’ have ?
According to Rankiteo, Inotiv currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Inotiv have SOC 2 Type 1 certification ?
According to Rankiteo, Inotiv is not certified under SOC 2 Type 1.
Does Inotiv have SOC 2 Type 2 certification ?
According to Rankiteo, Inotiv does not hold a SOC 2 Type 2 certification.
Does Inotiv comply with GDPR ?
According to Rankiteo, Inotiv is not listed as GDPR compliant.
Does Inotiv have PCI DSS certification ?
According to Rankiteo, Inotiv does not currently maintain PCI DSS compliance.
Does Inotiv comply with HIPAA ?
According to Rankiteo, Inotiv is not compliant with HIPAA regulations.
Does Inotiv have ISO 27001 certification ?
According to Rankiteo,Inotiv is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Inotiv
Inotiv operates primarily in the Research Services industry.
Number of Employees at Inotiv
Inotiv employs approximately 1,799 people worldwide.
Subsidiaries Owned by Inotiv
Inotiv presently has no subsidiaries across any sectors.
Inotiv’s LinkedIn Followers
Inotiv’s official LinkedIn profile has approximately 10,559 followers.
NAICS Classification of Inotiv
Inotiv is classified under the NAICS code 5417, which corresponds to Scientific Research and Development Services.
Inotiv’s Presence on Crunchbase
Yes, Inotiv has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/inotiv.
Inotiv’s Presence on LinkedIn
Yes, Inotiv maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/inotiv.
Cybersecurity Incidents Involving Inotiv
As of December 09, 2025, Rankiteo reports that Inotiv has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
Inotiv has an estimated 5,002 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Inotiv ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
What was the total financial impact of these incidents on Inotiv ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $4.61 million.
How does Inotiv detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with external security experts, and and containment measures with isolation of affected systems, containment measures with migration to offline alternatives, and remediation measures with system restoration efforts, and recovery measures with partial migration to offline operations, and communication strategy with sec filing, communication strategy with media statements (via bleepingcomputer), and remediation measures with risk assessments, remediation measures with iot device inventory and patch management, remediation measures with vendor risk assessments, remediation measures with employee training (phishing awareness), and incident response plan activated with yes, and third party assistance with cybersecurity experts, and communication strategy with affected individuals are being notified..
Incident Details
Can you provide details on each incident ?
Title: Ransomware Attack on Inotiv Encrypts Systems and Disrupts Business Operations
Description: American pharmaceutical company Inotiv disclosed a ransomware attack on August 8, 2025, where a threat actor (Qilin ransomware gang) gained unauthorized access and encrypted certain systems and data. The attack disrupted business operations, including databases and internal applications. The gang claims to have stolen ~162,000 files (176GB) and published samples on their leak site. Inotiv is investigating with external experts, notified law enforcement, and is working to restore systems while migrating some operations offline. The financial and operational impacts are ongoing, with no estimated timeline for full recovery.
Date Detected: 2025-08-08
Date Publicly Disclosed: 2025-08-08
Type: Ransomware Attack
Threat Actor: Qilin Ransomware Gang
Motivation: Financial GainData TheftExtortion
Title: Cyberattacks Targeting the Pharmaceutical Industry
Description: In the pharmaceutical industry, clinical trial data, patient records, and proprietary drug formulas are prime targets for cybercriminals. These high-value assets make the sector a constant focus for attacks. Disruptions to research or medicine distribution can have life-threatening consequences. During global health crises like the COVID-19 pandemic, cyber attackers exploited vulnerabilities, including a fivefold increase in phishing attempts targeting the WHO. Ransomware and data breaches are major concerns, with incidents affecting companies like Inotiv, AEP, and Cencora, leading to financial losses, operational disruptions, and regulatory fines.
Type: Data Breach
Attack Vector: PhishingRansomwareThird-Party VulnerabilitiesIoT Device Exploitation
Vulnerability Exploited: Human Error (Phishing)Unpatched IoT DevicesThird-Party Supply Chain Weaknesses
Motivation: Financial GainData Theft (Intellectual Property, Patient Data)Disruption of Operations
Title: Inotiv Ransomware Attack and Data Breach
Description: Inotiv, a prominent research organization, recently reported a significant ransomware attack resulting in the theft of sensitive personal information of 9,542 individuals. The breach exposed confidential data, including names, addresses, Social Security numbers, financial and medical records.
Type: Ransomware
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Phishing emails (most common).
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware Attack INO559081925
Data Compromised: 162,000 files (176gb), Data samples published on leak site
Systems Affected: DatabasesInternal applicationsNetworks
Downtime: ['Ongoing (no estimated recovery time)', 'Disruptions to business operations']
Operational Impact: Migration to offline alternativesPartial restoration efforts
Brand Reputation Impact: Potential reputational damage due to data breach and operational disruptions
Incident : Data Breach INO5553055100225
Financial Loss: $4.61 million (average cost per breach, IBM 2025); $40 million (Cencora settlement)
Data Compromised: Clinical trial data, Patient records (prescriptions, treatments), Proprietary drug formulas, 170 gb of sensitive data (inotiv)
Systems Affected: Network encryption (Inotiv, AEP)IT systems (AEP, Cencora)Production systems (potential drug quality compromise)IoT devices (lab sensors, medical devices)
Downtime: ['Operations forced offline (Inotiv)', 'Medicine deliveries at risk (AEP, 6,000+ pharmacies affected)', 'Research and production delays']
Operational Impact: Stalled researchSlowed productionDelayed shipmentsCompromised drug qualityDelayed new drug approvals
Brand Reputation Impact: Strained relationships with partners; loss of trust
Legal Liabilities: Class-action litigation (Cencora, $40 million settlement)Regulatory fines (HIPAA, GDPR violations)
Identity Theft Risk: High (patient records exposed in Cencora breach)
Incident : Ransomware INO1765266961
Data Compromised: Sensitive personal information of 9,542 individuals, including names, addresses, Social Security numbers, financial and medical records
Brand Reputation Impact: Potential long-term consequences for brand reputation due to exposure of sensitive data
Identity Theft Risk: High risk of identity theft or fraud for affected individuals
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $1.54 million.
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Corporate Data (Unspecified), Potentially Sensitive Research Or Operational Data, , Patient Personal And Health Information (Cencora), Prescription And Treatment Records, Proprietary Drug Formulas, Clinical Trial Data, , Names, Addresses, Social Security Numbers, Financial Records, Medical Records and .
Which entities were affected by each incident ?
Incident : Ransomware Attack INO559081925
Entity Name: Inotiv, Inc.
Entity Type: Pharmaceutical Company, Contract Research Organization (CRO)
Industry: Drug Development, Drug Discovery, Safety Assessment, Live Animal Research Modeling
Location: Indiana, USA
Size: ~2,000 employees
Incident : Data Breach INO5553055100225
Entity Name: Inotiv
Entity Type: Pharmaceutical R&D Company
Industry: Pharmaceutical
Incident : Data Breach INO5553055100225
Entity Name: AEP (Pharmaceutical Wholesaler)
Entity Type: Pharmaceutical Distributor
Industry: Pharmaceutical
Location: Germany
Customers Affected: 6,000+ pharmacies
Incident : Data Breach INO5553055100225
Entity Name: Cencora
Entity Type: Pharmaceutical Distributor
Industry: Pharmaceutical
Location: US
Size: Large (one of the largest in the US)
Customers Affected: Patients tied to 27+ pharmaceutical and biotechnology companies
Incident : Data Breach INO5553055100225
Entity Name: The Lash Group (Cencora Subsidiary)
Entity Type: Subsidiary
Industry: Pharmaceutical
Location: US
Incident : Data Breach INO5553055100225
Entity Name: World Health Organization (WHO)
Entity Type: International Health Agency
Industry: Healthcare
Location: Global
Incident : Ransomware INO1765266961
Entity Name: Inotiv
Entity Type: Research Organization
Industry: Research
Customers Affected: 9,542 individuals
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware Attack INO559081925
Incident Response Plan Activated: True
Third Party Assistance: External Security Experts.
Containment Measures: Isolation of affected systemsMigration to offline alternatives
Remediation Measures: System restoration efforts
Recovery Measures: Partial migration to offline operations
Communication Strategy: SEC filingMedia statements (via BleepingComputer)
Incident : Data Breach INO5553055100225
Remediation Measures: Risk assessmentsIoT device inventory and patch managementVendor risk assessmentsEmployee training (phishing awareness)
Incident : Ransomware INO1765266961
Incident Response Plan Activated: Yes
Third Party Assistance: Cybersecurity experts
Communication Strategy: Affected individuals are being notified
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes.
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through External security experts, , Cybersecurity experts.
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware Attack INO559081925
Type of Data Compromised: Corporate data (unspecified), Potentially sensitive research or operational data
Number of Records Exposed: 162,000 files
Sensitivity of Data: High (potential inclusion of proprietary research or operational data)
Data Encryption: True
Incident : Data Breach INO5553055100225
Type of Data Compromised: Patient personal and health information (cencora), Prescription and treatment records, Proprietary drug formulas, Clinical trial data
Sensitivity of Data: High (patient health data, intellectual property)
Data Exfiltration: Yes (170 GB stolen in Inotiv breach; Cencora breach extended to 27+ companies)
Data Encryption: Yes (ransomware encryption in Inotiv, AEP)
Personally Identifiable Information: Yes (patient records in Cencora breach)
Incident : Ransomware INO1765266961
Type of Data Compromised: Names, Addresses, Social security numbers, Financial records, Medical records
Number of Records Exposed: 9,542
Sensitivity of Data: High
Data Exfiltration: Yes
Personally Identifiable Information: Yes
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: System restoration efforts, , Risk assessments, IoT device inventory and patch management, Vendor risk assessments, Employee training (phishing awareness), .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by isolation of affected systems, migration to offline alternatives and .
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware Attack INO559081925
Ransomware Strain: Qilin
Data Encryption: True
Data Exfiltration: True
Incident : Data Breach INO5553055100225
Data Encryption: Yes (Inotiv, AEP)
Data Exfiltration: Yes (Inotiv: 170 GB posted)
Incident : Ransomware INO1765266961
Data Exfiltration: Yes
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Partial migration to offline operations, .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Ransomware Attack INO559081925
Regulatory Notifications: U.S. Securities and Exchange Commission (SEC) filing
Incident : Data Breach INO5553055100225
Regulations Violated: HIPAA (Health Insurance Portability and Accountability Act), GDPR (General Data Protection Regulation),
Fines Imposed: $40 million (Cencora settlement)
Legal Actions: Class-action litigation (Cencora)
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Class-action litigation (Cencora).
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Data Breach INO5553055100225
Lessons Learned: Phishing remains the most common and effective attack vector in healthcare., Third-party ecosystem breaches are a significant risk (87% of companies affected)., IoT devices are a critical vulnerability in pharmaceutical environments., Supply chain attacks can bypass internal security measures., Regulatory non-compliance leads to severe financial and operational consequences.
Incident : Ransomware INO1765266961
Lessons Learned: The incident highlights the critical need for vigilant cybersecurity practices and the vulnerability of well-established organizations to sophisticated attacks.
What recommendations were made to prevent future incidents ?
Incident : Data Breach INO5553055100225
Recommendations: Conduct regular risk assessments to detect threats early., Maintain an inventory of IoT devices and enforce authentication/encryption., Collaborate with industry peers to share threat intelligence., Perform vendor risk assessments to mitigate supply chain attacks., Train employees to recognize phishing and social engineering tactics., Include IoT devices in patch management strategies.Conduct regular risk assessments to detect threats early., Maintain an inventory of IoT devices and enforce authentication/encryption., Collaborate with industry peers to share threat intelligence., Perform vendor risk assessments to mitigate supply chain attacks., Train employees to recognize phishing and social engineering tactics., Include IoT devices in patch management strategies.Conduct regular risk assessments to detect threats early., Maintain an inventory of IoT devices and enforce authentication/encryption., Collaborate with industry peers to share threat intelligence., Perform vendor risk assessments to mitigate supply chain attacks., Train employees to recognize phishing and social engineering tactics., Include IoT devices in patch management strategies.Conduct regular risk assessments to detect threats early., Maintain an inventory of IoT devices and enforce authentication/encryption., Collaborate with industry peers to share threat intelligence., Perform vendor risk assessments to mitigate supply chain attacks., Train employees to recognize phishing and social engineering tactics., Include IoT devices in patch management strategies.Conduct regular risk assessments to detect threats early., Maintain an inventory of IoT devices and enforce authentication/encryption., Collaborate with industry peers to share threat intelligence., Perform vendor risk assessments to mitigate supply chain attacks., Train employees to recognize phishing and social engineering tactics., Include IoT devices in patch management strategies.Conduct regular risk assessments to detect threats early., Maintain an inventory of IoT devices and enforce authentication/encryption., Collaborate with industry peers to share threat intelligence., Perform vendor risk assessments to mitigate supply chain attacks., Train employees to recognize phishing and social engineering tactics., Include IoT devices in patch management strategies.
Incident : Ransomware INO1765266961
Recommendations: Ensuring regular updates and patches to software and systems., Implementing strong access controls and encrypting sensitive data., Educating employees about phishing risks and safe online practices., Maintaining frequent data backups to facilitate recovery in case of an attack.Ensuring regular updates and patches to software and systems., Implementing strong access controls and encrypting sensitive data., Educating employees about phishing risks and safe online practices., Maintaining frequent data backups to facilitate recovery in case of an attack.Ensuring regular updates and patches to software and systems., Implementing strong access controls and encrypting sensitive data., Educating employees about phishing risks and safe online practices., Maintaining frequent data backups to facilitate recovery in case of an attack.Ensuring regular updates and patches to software and systems., Implementing strong access controls and encrypting sensitive data., Educating employees about phishing risks and safe online practices., Maintaining frequent data backups to facilitate recovery in case of an attack.
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Phishing remains the most common and effective attack vector in healthcare.,Third-party ecosystem breaches are a significant risk (87% of companies affected).,IoT devices are a critical vulnerability in pharmaceutical environments.,Supply chain attacks can bypass internal security measures.,Regulatory non-compliance leads to severe financial and operational consequences.The incident highlights the critical need for vigilant cybersecurity practices and the vulnerability of well-established organizations to sophisticated attacks.
References
Where can I find more information about each incident ?
Incident : Ransomware Attack INO559081925
Source: BleepingComputer
Incident : Ransomware Attack INO559081925
Source: U.S. Securities and Exchange Commission (SEC) Filing
Incident : Data Breach INO5553055100225
Source: IBM Cost of a Data Breach Report 2025
Incident : Data Breach INO5553055100225
Source: World Health Organization (WHO) statement by Flavio Aggio, CISO
Incident : Data Breach INO5553055100225
Source: Madaket Health (Eric Demers, CEO)
Incident : Data Breach INO5553055100225
Source: Cencora data breach settlement announcement
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: BleepingComputerUrl: https://www.bleepingcomputer.com, and Source: U.S. Securities and Exchange Commission (SEC) Filing, and Source: IBM Cost of a Data Breach Report 2025, and Source: World Health Organization (WHO) statement by Flavio Aggio, CISO, and Source: Madaket Health (Eric Demers, CEO), and Source: Cencora data breach settlement announcement.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Ransomware Attack INO559081925
Investigation Status: Ongoing (with external security experts)
Incident : Ransomware INO1765266961
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Sec Filing, Media Statements (Via Bleepingcomputer) and Affected individuals are being notified.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Ransomware Attack INO559081925
Stakeholder Advisories: Sec Filing, Media Communication.
Incident : Ransomware INO1765266961
Customer Advisories: Affected individuals are being notified
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Sec Filing, Media Communication and Affected individuals are being notified.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Ransomware Attack INO559081925
High Value Targets: Databases, Internal Applications,
Data Sold on Dark Web: Databases, Internal Applications,
Incident : Data Breach INO5553055100225
Entry Point: Phishing emails (most common)
High Value Targets: Clinical Trial Data, Patient Records, Proprietary Drug Formulas, It/Ot Systems,
Data Sold on Dark Web: Clinical Trial Data, Patient Records, Proprietary Drug Formulas, It/Ot Systems,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach INO5553055100225
Root Causes: Human Error (Falling For Phishing Attacks), Unpatched Iot And Medical Devices, Weak Third-Party Security Controls, Insufficient Employee Training,
Corrective Actions: Enhanced Phishing Awareness Training, Iot Device Security Hardening, Third-Party Vendor Risk Management, Regular Risk Assessments And Patch Management,
Incident : Ransomware INO1765266961
Corrective Actions: Reinforcing security infrastructure to avoid similar incidents in the future
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as External Security Experts, , Cybersecurity experts.
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Enhanced Phishing Awareness Training, Iot Device Security Hardening, Third-Party Vendor Risk Management, Regular Risk Assessments And Patch Management, , Reinforcing security infrastructure to avoid similar incidents in the future.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Qilin Ransomware Gang.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025-08-08.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-08-08.
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was $4.61 million (average cost per breach, IBM 2025); $40 million (Cencora settlement).
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were 162,000 files (176GB), Data samples published on leak site, , Clinical trial data, Patient records (prescriptions, treatments), Proprietary drug formulas, 170 GB of sensitive data (Inotiv), , Sensitive personal information of 9,542 individuals, including names, addresses, Social Security numbers and financial and medical records.
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident were DatabasesInternal applicationsNetworks and Network encryption (Inotiv, AEP)IT systems (AEP, Cencora)Production systems (potential drug quality compromise)IoT devices (lab sensors, medical devices).
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was external security experts, , Cybersecurity experts.
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Isolation of affected systemsMigration to offline alternatives.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were 170 GB of sensitive data (Inotiv), Sensitive personal information of 9,542 individuals, including names, addresses, Social Security numbers, financial and medical records, Patient records (prescriptions, treatments), 162,000 files (176GB), Clinical trial data, Data samples published on leak site and Proprietary drug formulas.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 171.5K.
Regulatory Compliance
What was the highest fine imposed for a regulatory violation ?
Highest Fine Imposed: The highest fine imposed for a regulatory violation was $40 million (Cencora settlement).
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Class-action litigation (Cencora).
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Regulatory non-compliance leads to severe financial and operational consequences., The incident highlights the critical need for vigilant cybersecurity practices and the vulnerability of well-established organizations to sophisticated attacks.
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Include IoT devices in patch management strategies., Perform vendor risk assessments to mitigate supply chain attacks., Ensuring regular updates and patches to software and systems., Collaborate with industry peers to share threat intelligence., Implementing strong access controls and encrypting sensitive data., Educating employees about phishing risks and safe online practices., Maintaining frequent data backups to facilitate recovery in case of an attack., Maintain an inventory of IoT devices and enforce authentication/encryption., Conduct regular risk assessments to detect threats early. and Train employees to recognize phishing and social engineering tactics..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Madaket Health (Eric Demers, CEO), IBM Cost of a Data Breach Report 2025, World Health Organization (WHO) statement by Flavio Aggio, CISO, U.S. Securities and Exchange Commission (SEC) Filing, Cencora data breach settlement announcement and BleepingComputer.
What is the most recent URL for additional resources on cybersecurity best practices ?
Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is https://www.bleepingcomputer.com .
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (with external security experts).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was SEC filing, Media communication, .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Affected individuals are being notified.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Phishing emails (most common).
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Human error (falling for phishing attacks)Unpatched IoT and medical devicesWeak third-party security controlsInsufficient employee training.
What was the most significant corrective action taken based on post-incident analysis ?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Enhanced phishing awareness trainingIoT device security hardeningThird-party vendor risk managementRegular risk assessments and patch management, Reinforcing security infrastructure to avoid similar incidents in the future.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior to 17.0.99.1763126988 and Tuleap Enterprise Edition prior to 17.0-3 and 16.13-8 have missing CSRF protections which allow attackers to create or remove tracker triggers. This issue is fixed in Tuleap Community Edition version 17.0.99.1763126988 and Tuleap Enterprise Edition versions 17.0-3 and 16.13-8.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/71d427b0f7ed8fa269a5ee6f7a557cf3dfc99cd4
- https://github.com/Enalean/tuleap/security/advisories/GHSA-f2xv-x3g6-4j9p
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=71d427b0f7ed8fa269a5ee6f7a557cf3dfc99cd4
- https://tuleap.net/plugins/tracker/?aid=45618
Description
Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon versions prior to 17.0.99.1762456922 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 are vulnerable to CSRF attacks through planning management API. Attackers have access to create, edit or remove plans. This issue is fixed in Tuleap Community Edition version 17.0.99.1762456922 and Tuleap Enterprise Edtion versions 17.0-2, 16.13-7 and 16.12-10.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/1734a7bb2964042310ddc3f6dd7b4c82eee27526
- https://github.com/Enalean/tuleap/security/advisories/GHSA-9h47-jg7r-ww7x
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=1734a7bb2964042310ddc3f6dd7b4c82eee27526
- https://tuleap.net/plugins/tracker/?aid=45592
Description
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attackers trick victims into changing tracker general settings. This issue is fixed in version Tuleap Community Edition version 17.0.99.1762444754 and Tuleap Enterprise Edition versions 17.0-2, 16.13-7 and 16.12-10.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/993316dd6a291bb3937cb7a4571eaab0e7d55370
- https://github.com/Enalean/tuleap/security/advisories/GHSA-vxfh-h8p6-p5rg
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=993316dd6a291bb3937cb7a4571eaab0e7d55370
- https://tuleap.net/plugins/tracker/?aid=45593
Description
Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not have access to. This issue is fixed in version 17.0.99.1762431347 of the Tuleap Community Edition and versions 17.0-2, 16.13-7 and 16.12-10 of Tuleap Enterprise Edition.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
- https://github.com/Enalean/tuleap/commit/403eb69f4cfafe52254c8f9bdbe66e1fedadc254
- https://github.com/Enalean/tuleap/security/advisories/GHSA-v6vm-6rxf-7p2v
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=403eb69f4cfafe52254c8f9bdbe66e1fedadc254
- https://tuleap.net/plugins/tracker/?aid=45583
Description
IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper allocation of resources without limits.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=inotiv' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
