Charles River Labs hit by 'well-resourced' data thief

Charles River Labs
Charles River Labs has closed the point of entry for the hacker, but still cannot 100% guarantee the breach is over. (Charles River Labs)

Charles River Labs has been hit by “a highly sophisticated, well-resourced intruder” who hacked into 1% of its clients' data.

In an 8-K form posted this week, the CRO said there was “unusual activity” seen coming from its systems in mid-March, leading it to find that “some client data was copied by a highly sophisticated, well-resourced intruder. The number of clients whose data is known to have been copied represents approximately 1% of Charles River’s total number of clients.” 

The company goes on: “The percentage of clients affected does not necessarily equate to the potential revenue or financial impact related to this incident, which the company has yet to determine. There is no indication at this time that any of the client data the company has identified as having been accessed during this incident was deleted, corrupted, or altered. Charles River has taken steps to contact all clients whose data is known to have been copied.”

FREE DAILY NEWSLETTER

Like this story? Subscribe to FierceBiotech!

Biopharma is a fast-growing world where big ideas come along every day. Our subscribers rely on FierceBiotech as their must-read source for the latest news, analysis and data in the world of biotech and pharma R&D. Sign up today to get biotech news and updates delivered to your inbox and read on the go.

RELATED: Charles River Labs cuts jobs as it closes San Diego site

The CRO says it “continues to move aggressively” to lock down its system from further attacks, but cannot guarantee more data couldn't be leeched. “While Charles River has taken substantial steps to minimize unauthorized access into its information systems, until its ongoing remediation process is complete, the company will be unable to determine that this incident has been entirely remediated," the company said.

It did add, however, that it has “has closed the point of entry employed by the intruder in connection with this incident” and has not seen anything suspicious since. I asked the company whether they knew anything extra about the hacker, their intentions or whether they were part of a larger group, but the company said it would not be adding anything outside of its 8-K.

It’s not been the best spring for Charles River, as just over a month ago it announced it was axing a series of jobs as it closed down a San Diego site.

Before this, things were more positive, as Charles River has been spending, snapping up companies and making deals, including just three months back buying up early-stage CRO Citoxlab.

A month before, it went all-in for British CRO KWS BioTest in a £15 million ($20 million) deal. It’s also penned a new pact with Crown Bioscience for expanded access to the Zucker diabetic Sprague-Dawley rat model.

The company was down 1.4% this morning.

Suggested Articles

Avidity Biosciences is on a roll—after inking an R&D deal with Eli Lilly and hiring a new CEO, the company is reeling in $100 million.

What the NASH field needs, says Genfit CEO Pascal Prigent, is something like the Hb1Ac test for diabetes.

Dubbed “Project Nightingale,” the efforts were announced amid concerns and federal inquiries into the data’s safekeeping and patient consent for use.