Inotiv Data Breach: 176 GB of Sensitive Data Stolen

On August. 8, 2025, Inotiv disclosed a major data breach in a filing with the Securities and Exchange Commission. The incident was later claimed by the Qilin ransomware group, who posted about the attack on the dark web on Aug. 19, 2025.

According to Qilin, they exfiltrated 176 GB of data from Inotiv’s systems, including 161,967 files. The stolen information reportedly contained personal and protected health data of employees and other individuals involved with Inotiv. The hackers also acquired complete reports on the development and testing of dozens of drugs, which may include sensitive intellectual property and proprietary research data.

The data breach appears to have been carried out through a ransomware attack, with Qilin gaining unauthorized access to Inotiv’s network. According to reports, the cybercriminals made the the stolen data available for purchase on the dark web.

Compromised data of employees and other individuals involved with Inotiv may include names, phone numbers, email addresses, dates of birth, Social Security numbers, driver's license or state ID card information, payment and financial account information, health insurance information and medical information.

Inotiv's response

After detecting the breach, Inotiv began notifying federal regulators and launched an investigation. The company will work to identity impacted individuals and contact them by mail with more specifics about the cybersecurity incident.

If you believe your personal information may have been compromised in this breach:

• Carefully review any notice or communication you receive from Inotiv.
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.

For more information about the company, visit Inotiv’s official website.