PJC
Company Details
Linkedin ID:
pharmaceutics-international
Website:
Employees number:
354
Number of followers:
10,409
NAICS:
3254
Industry Type:
Homepage:
pharm-int.com
IP Addresses:
0
Company ID:
PII_3049995
Scan Status:
In-progress
Pii, A Jabil Company Company CyberSecurity Posture
pharm-int.com
Pharmaceutics International Inc. (Pii) is a leading Contract Development and Manufacturing Organization (CDMO) that provides comprehensive solutions for aseptic and oral dosage forms. Founded in 1994 by Dr. Syed Abidi, a pioneering formulation scientist, Pii has over 30 years of experience handling complex formulations, potent compounds, and controlled substances. Based in Hunt Valley, MD, Pii’s capabilities include lyophilization, high potency isolation, and robotic filling. Our expert teams ensure the highest quality and safety standards, supporting small to medium-volume projects with scalable solutions and unmatched flexibility. Committed to client-centric drug development, Pii's mission is to enhance quality of life through innovative and high-quality pharmaceuticals. Discover more about our services and how we can support your projects at www.pharm-int.com.
Pii, A Jabil Company A.I CyberSecurity Scoring
PJC Risk Score (AI oriented)Between 650 and 699
PJC
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
PJC Global Score (TPRM)XXXX
PJC
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
PJC Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Pharmaceutics International and Inc.: Pharmaceutics International Data Breach Exposes PII
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: **Pharmaceutics International, Inc. Reports Major Data Breach Exposing Sensitive PII** Pharmaceutics International, Inc. (Pii), a prominent contract development and manufacturing organization in the pharmaceutical sector, has disclosed a significant data breach involving highly sensitive personally identifiable information (PII). The incident was reported to the Massachusetts Attorney General’s office on **December 23, 2025**, with at least **five Massachusetts residents confirmed impacted**—though the total number of affected individuals may rise as the investigation continues. The breach exposed a broad range of personal data, including **full names, Social Security numbers, dates of birth, current and former addresses, government-issued IDs, Social Security cards, pay stubs, and W-2 forms**. The scope of the exposed information heightens the risk of **identity theft and financial fraud**, though the company has not yet identified the attack vector or responsible threat actor. In response, Pii **secured its systems, initiated a comprehensive incident review, and is reassessing its security protocols** to prevent future breaches. Regulatory notifications have been filed as required by law. Affected individuals are being offered **complimentary credit monitoring and identity protection services through Kroll**, along with a dedicated call center for inquiries (**844-354-1388**, Monday–Friday, 9 a.m.–6:30 p.m. ET). The investigation remains ongoing, with no further details on the breach’s origin or potential broader impact.
PJC Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for PJC
Incidents vs Pharmaceutical Manufacturing Industry Average (This Year)
Pii, A Jabil Company has 8.7% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Pii, A Jabil Company has 28.21% more incidents than the average of all companies with at least one recorded incident.
Incident Types PJC vs Pharmaceutical Manufacturing Industry Avg (This Year)
Pii, A Jabil Company reported 1 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breaches, compared to industry peers with at least 1 incident.
Incident History — PJC (X = Date, Y = Severity)
PJC cyber incidents detection timeline including parent company and subsidiaries
PJC Company Subsidiaries
Pharmaceutics International Inc. (Pii) is a leading Contract Development and Manufacturing Organization (CDMO) that provides comprehensive solutions for aseptic and oral dosage forms. Founded in 1994 by Dr. Syed Abidi, a pioneering formulation scientist, Pii has over 30 years of experience handling complex formulations, potent compounds, and controlled substances. Based in Hunt Valley, MD, Pii’s capabilities include lyophilization, high potency isolation, and robotic filling. Our expert teams ensure the highest quality and safety standards, supporting small to medium-volume projects with scalable solutions and unmatched flexibility. Committed to client-centric drug development, Pii's mission is to enhance quality of life through innovative and high-quality pharmaceuticals. Discover more about our services and how we can support your projects at www.pharm-int.com.
Loading...
PJC Similar Companies
The Janssen Pharmaceutical Companies of Johnson & Johnson
At Janssen, we never stop working toward a future where disease is a thing of the past. We’re the Pharmaceutical Companies of Johnson & Johnson, and you can count on us to keep working tirelessly to make that future a reality for patients everywhere, by fighting sickness with science, improving ac
For almost 50 years, we’ve been creating high-quality medicines and making them accessible to the people who need them. We are a trusted, reliable partner and dependable source of over 800* high-quality generic, specialty and branded pharmaceutical products that hospitals, physicians and pharmacists
Merck
At Merck, known as MSD outside of the United States and Canada, we are unified around our purpose: We use the power of leading-edge science to save and improve lives around the world. For more than 130 years, we have brought hope to humanity through the development of important medicines and vaccine
Cipla
Cipla is a leading global pharmaceutical company trusted by healthcare professionals and patients across the world since 1935. A compassionate approach to healthcare that goes beyond the pursuit of profit and growth has been the force impelling Cipla’s history over the years. Our credo and our purp
MSD
At MSD, known as Merck & Co., Inc., Rahway, NJ, USA in the United States and Canada, we are unified around our purpose: We use the power of leading-edge science to save and improve lives around the world. For more than 130 years, we have brought hope to humanity through the development of important
Servier
Founded to serve health 70 years ago, Servier is a global pharmaceutical group governed by a non-profit Foundation that aspires to make a meaningful social impact for patients and for a sustainable world. The Group’s unique governance model preserves its independence and means it can fully serve its
Novartis is an innovative medicines company. Every day, working to reimagine medicine to improve and extend people’s lives so that patients, healthcare professionals and societies are empowered in the face of serious disease. Our medicines reach more than 250 million people worldwide. Find out mor
Hetero Drugs Ltd
Hetero is a research based global pharmaceutical company focused on development, manufacturing and marketing of Active Pharmaceutical Ingredients (APIs), Intermediate Chemicals & Finished Dosages. Ever since its establishment in 1993, Hetero showed a tradition of excellence and deep sense of commitm
Eli Lilly and Company
We're a medicine company turning science into healing to make life better for people around the world. It all started nearly 150 years ago with a clear vision from founder Colonel Eli Lilly: "Take what you find here and make it better and better." Harnessing the power of biotechnology, chemistry and
.png)
PJC CyberSecurity News
February 05, 2025 08:00 AM
Jabil acquires CDMO Pii to support drug development customers
Jabil has acquired contract development and manufacturing organisation (CDMO) Pharmaceutics International (Pii) to offer support for drug development customers.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
PJC CyberSecurity History Information
Official Website of Pii, A Jabil Company
The official website of Pii, A Jabil Company is http://www.pharm-int.com.
Pii, A Jabil Company’s AI-Generated Cybersecurity Score
According to Rankiteo, Pii, A Jabil Company’s AI-generated cybersecurity score is 689, reflecting their Weak security posture.
How many security badges does Pii, A Jabil Company’ have ?
According to Rankiteo, Pii, A Jabil Company currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Pii, A Jabil Company have SOC 2 Type 1 certification ?
According to Rankiteo, Pii, A Jabil Company is not certified under SOC 2 Type 1.
Does Pii, A Jabil Company have SOC 2 Type 2 certification ?
According to Rankiteo, Pii, A Jabil Company does not hold a SOC 2 Type 2 certification.
Does Pii, A Jabil Company comply with GDPR ?
According to Rankiteo, Pii, A Jabil Company is not listed as GDPR compliant.
Does Pii, A Jabil Company have PCI DSS certification ?
According to Rankiteo, Pii, A Jabil Company does not currently maintain PCI DSS compliance.
Does Pii, A Jabil Company comply with HIPAA ?
According to Rankiteo, Pii, A Jabil Company is not compliant with HIPAA regulations.
Does Pii, A Jabil Company have ISO 27001 certification ?
According to Rankiteo,Pii, A Jabil Company is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Pii, A Jabil Company
Pii, A Jabil Company operates primarily in the Pharmaceutical Manufacturing industry.
Number of Employees at Pii, A Jabil Company
Pii, A Jabil Company employs approximately 354 people worldwide.
Subsidiaries Owned by Pii, A Jabil Company
Pii, A Jabil Company presently has no subsidiaries across any sectors.
Pii, A Jabil Company’s LinkedIn Followers
Pii, A Jabil Company’s official LinkedIn profile has approximately 10,409 followers.
NAICS Classification of Pii, A Jabil Company
Pii, A Jabil Company is classified under the NAICS code 3254, which corresponds to Pharmaceutical and Medicine Manufacturing.
Pii, A Jabil Company’s Presence on Crunchbase
Yes, Pii, A Jabil Company has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/pharmaceutics-international.
Pii, A Jabil Company’s Presence on LinkedIn
Yes, Pii, A Jabil Company maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/pharmaceutics-international.
Cybersecurity Incidents Involving Pii, A Jabil Company
As of December 24, 2025, Rankiteo reports that Pii, A Jabil Company has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Pii, A Jabil Company has an estimated 5,462 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Pii, A Jabil Company ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does Pii, A Jabil Company detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with yes, and third party assistance with kroll (credit monitoring and identity protection services), and containment measures with secured systems, and remediation measures with reviewed security policies and procedures; assessing security measures to reduce future risks, and communication strategy with notification to affected individuals; call center established..
Incident Details
Can you provide details on each incident ?
Title: Pharmaceutics International, Inc. Data Breach
Description: Pharmaceutics International, Inc., a leading contract development and manufacturing organization in the pharmaceutical industry, recently disclosed a significant data breach involving sensitive personally identifiable information (PII). The breach exposed a wide range of sensitive information, including full names, Social Security numbers, dates of birth, current and previous addresses, government-issued identification cards, Social Security cards, pay stubs and W2 forms.
Date Publicly Disclosed: 2025-12-23
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach PHA1766527959
Data Compromised: Sensitive personally identifiable information (PII)
Identity Theft Risk: High
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personally Identifiable Information (PII).
Which entities were affected by each incident ?
Incident : Data Breach PHA1766527959
Entity Name: Pharmaceutics International, Inc.
Entity Type: Contract Development and Manufacturing Organization (CDMO)
Industry: Pharmaceutical
Customers Affected: At least 5 residents of Massachusetts (number subject to change)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach PHA1766527959
Incident Response Plan Activated: Yes
Third Party Assistance: Kroll (credit monitoring and identity protection services)
Containment Measures: Secured systems
Remediation Measures: Reviewed security policies and procedures; assessing security measures to reduce future risks
Communication Strategy: Notification to affected individuals; call center established
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as Yes.
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Kroll (credit monitoring and identity protection services).
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach PHA1766527959
Type of Data Compromised: Personally Identifiable Information (PII)
Sensitivity of Data: High
File Types Exposed: Government-issued identification cardsSocial Security cardsPay stubsW2 forms
Personally Identifiable Information: Full namesSocial Security numbersDates of birthCurrent and previous addresses
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Reviewed security policies and procedures; assessing security measures to reduce future risks.
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by secured systems.
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach PHA1766527959
Regulatory Notifications: Yes (relevant regulators notified as required by law)
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : Data Breach PHA1766527959
Recommendations: Sign up for free Kroll credit monitoring and identity theft protection services, Monitor credit reports and financial accounts for unusual activity, Be alert for phishing emails or phone calls using exposed information, Consider placing a fraud alert or credit freeze with major credit bureausSign up for free Kroll credit monitoring and identity theft protection services, Monitor credit reports and financial accounts for unusual activity, Be alert for phishing emails or phone calls using exposed information, Consider placing a fraud alert or credit freeze with major credit bureausSign up for free Kroll credit monitoring and identity theft protection services, Monitor credit reports and financial accounts for unusual activity, Be alert for phishing emails or phone calls using exposed information, Consider placing a fraud alert or credit freeze with major credit bureausSign up for free Kroll credit monitoring and identity theft protection services, Monitor credit reports and financial accounts for unusual activity, Be alert for phishing emails or phone calls using exposed information, Consider placing a fraud alert or credit freeze with major credit bureaus
References
Where can I find more information about each incident ?
Incident : Data Breach PHA1766527959
Source: Massachusetts Attorney General’s office
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Massachusetts Attorney General’s office.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach PHA1766527959
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notification to affected individuals; call center established.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach PHA1766527959
Customer Advisories: Call center established at 844-354-1388 (Monday through Friday, 9 a.m. to 6:30 p.m. ET)
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Call center established at 844-354-1388 (Monday through Friday and 9 a.m. to 6:30 p.m. ET).
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach PHA1766527959
Corrective Actions: Assessing security measures to reduce the risk of similar events in the future
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Kroll (credit monitoring and identity protection services).
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Assessing security measures to reduce the risk of similar events in the future.
Additional Questions
Incident Details
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-12-23.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Sensitive personally identifiable information (PII).
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Kroll (credit monitoring and identity protection services).
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Secured systems.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Sensitive personally identifiable information (PII).
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Monitor credit reports and financial accounts for unusual activity, Be alert for phishing emails or phone calls using exposed information, Consider placing a fraud alert or credit freeze with major credit bureaus and Sign up for free Kroll credit monitoring and identity theft protection services.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Massachusetts Attorney General’s office.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an Call center established at 844-354-1388 (Monday through Friday and 9 a.m. to 6:30 p.m. ET).
.png)
Latest Global CVEs (Not Company-Specific)
Description
Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0.0 to before 4.1.2, Schema.load(data, many=True) is vulnerable to denial of service attacks. A moderately sized request can consume a disproportionate amount of CPU time. This issue has been patched in version 3.26.2 and 4.1.2.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Description
KEDA is a Kubernetes-based Event Driven Autoscaling component. Prior to versions 2.17.3 and 2.18.3, an Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault authentication. The vulnerability stems from an incorrect or insufficient path validation when loading the Service Account Token specified in spec.hashiCorpVault.credential.serviceAccount. An attacker with permissions to create or modify a TriggerAuthentication resource can exfiltrate the content of any file from the node's filesystem (where the KEDA pod resides) by directing the file's content to a server under their control, as part of the Vault authentication request. The potential impact includes the exfiltration of sensitive system information, such as secrets, keys, or the content of files like /etc/passwd. This issue has been patched in versions 2.17.3 and 2.18.3.
Risk Information
cvss4
Base: 8.2
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to versions 1.6.13, 1.7.14, 1.8.15, and 1.9.2, a Regular Expression Denial of Service (ReDoS) vulnerability exists in Fedify's document loader. The HTML parsing regex at packages/fedify/src/runtime/docloader.ts:259 contains nested quantifiers that cause catastrophic backtracking when processing maliciously crafted HTML responses. This issue has been patched in versions 1.6.13, 1.7.14, 1.8.15, and 1.9.2.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
- https://github.com/fedify-dev/fedify/commit/2bdcb24d7d6d5886e0214ed504b63a6dc5488779
- https://github.com/fedify-dev/fedify/commit/bf2f0783634efed2663d1b187dc55461ee1f987a
- https://github.com/fedify-dev/fedify/releases/tag/1.6.13
- https://github.com/fedify-dev/fedify/releases/tag/1.7.14
- https://github.com/fedify-dev/fedify/releases/tag/1.8.15
- https://github.com/fedify-dev/fedify/releases/tag/1.9.2
- https://github.com/fedify-dev/fedify/security/advisories/GHSA-rchf-xwx2-hm93
Description
Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php).
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Description
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=pharmaceutics-international' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
