Ransomware group Qilin this week took credit for a cyber attack earlier this month on Inotiv, a drug research company best known for animal testing.
In an August 8 SEC disclosure, Inotiv said attackers encrypted parts of its systems, which disrupted access to internal networks and applications.
“On August 8, 2025, Inotiv, Inc. (the “Company”) became aware of a cybersecurity incident affecting certain of its systems and data,” says Inotiv’s SEC disclosure. “The Company’s preliminary investigation determined that a threat actor gained unauthorized access to, and encrypted certain of, the Company’s systems.”
Qilin says it stole 176 GB of data during the attack. To prove its claim, Qilin posted images of what it says are documents stolen from Inotiv.
“A large amount of research data for the last 10 years has become publicly available,” Qilin writes on its data leak site. “The published data contains a complete report on the development and testing of dozens of drugs. the publication of this archive threatens the company with contract terminations and fines exceeding several hundred million dollars, which would lead to a total damage to the company’s business reputation.”
Inotiv has not verified Qilin’s claim. We do not know what data was compromised, if Inotiv did or will pay a ransom, how much Qilin demanded, or how attackers breached Inotiv’s network. Comparitech contacted Inotiv for comment and will update this article if it replies.
As of August 8, Inotiv was still restoring systems and investigating the scope of the attack.
“The cybersecurity incident has caused, and is expected to continue to cause, disruptions to certain business operations of the Company. The incident has temporarily impacted the availability of and access to certain of the Company’s networks and systems, including access to portions of internal data storage and certain internal business applications,” Inotiv says in its report to the SEC. “While the Company is working diligently to restore affected functions and systems access, the timeline for a full restoration is not yet known.”
Who is Qilin?
Qilin is a ransomware gang that began taking credit for attacks on its data leak site in late 2022. Based in Russia, Qilin mainly targets victims through phishing emails to spread its ransomware. It launched in August 2022 and runs a ransomware-as-a-service business in which affiliates pay to use Qilin’s malware to launch attacks and collect ransoms.
Qilin has claimed responsibility for 62 confirmed ransomware attacks in 2025 to date, plus 371 unconfirmed claims that haven’t been publicly acknowledged by the targeted organizations.
This month, we attributed the following attacks to Qilin:
- MARMA Polskie Folie, a Polish manufacturing company, lost access to its data after a cyber attack encrypted its systems
- Morgenstern, a German tech company, is investigating an attack that triggered emergency protocols
- Welcome Financial Group, a Korean finance company, had 1 TB of data stolen from its internal systems
Ransomware attacks on US healthcare businesses
Comparitech researchers have logged nine confirmed ransomware attacks on US healthcare businesses that do not provide direct care to patients, compromising more than 5.4 million records. Most of those records stemmed from an attack on Episource, a medical software maker.
Other such recently confirmed attacks include:
- Think Big Health Care Solutions reported a June 2025 data breach claimed by PEAR
- All Star Healthcare Solutions notified 4,498 people of a February 2025 data breach claimed by RansomHub
- Provail is issuing data breach notices to victims of a June 2025 data breach claimed by Beast
Ransomware attacks on healthcare businesses can cripple critical systems and endanger the health, privacy, and security of patients. Targeted companies must pay a ransom or face extended downtime, data loss, and putting patients and staff at increased risk of fraud.
About Inotiv
Headquartered in Lafayette, Indiana, Inotiv, Inc is a drug development firm known for animal testing. It employs more than 1,200 people and generates more than half a billion dollars in revenue per year, according to external sources.
