2019-04-30 CHARLES RIVER LABORATORIES INTERNATIONAL, INC. Cybersecurity Incident

Page last updated on April 11, 2024

CHARLES RIVER LABORATORIES INTERNATIONAL, INC. initially disclosed a cybersecurity incident in an SEC 8-K filing on 2019-04-30 06:10:23 EDT.

Incident Details

Material: Unknown
Is Breach: Unknown
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)

Compromised Date:
Detected Date:
Disclosure Date: 2019-04-30
Contained Date:
Recovered Date:

Attack Goal: Unknown

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2019-04-30

CHARLES RIVER LABORATORIES INTERNATIONAL, INC. filed an 8-K at 2019-04-30 06:10:23 EDT
Accession Number: 0001157523-19-000946

Item 7.01 Regulation FD Disclosure.

The following information shall not be deemed “filed” for purposes of Section 18 of the Securities Exchange Act of 1934, as amended (the “Exchange Act”), or incorporated by reference in any filing under the Securities Act of 1933, as amended, or the Exchange Act, except as shall be expressly set forth by specific reference in such a filing.

On April 30, 2019, Charles River Laboratories International, Inc. (the “Company” or “Registrant”) notified clients of unauthorized access into portions of its information systems. Promptly upon detection of unusual activity in its information systems in mid-March, the Company commenced an investigation into this incident, coordinated with U.S. federal law enforcement, and engaged leading cybersecurity experts. Charles River also began to promptly implement a comprehensive containment and remediation plan.


While the investigation is ongoing, the Company has recently determined that some client data was copied by a highly sophisticated, well-resourced intruder. The number of clients whose data is known to have been copied represents approximately 1% of Charles River’s total number of clients. The percentage of clients affected does not necessarily equate to the potential revenue or financial impact related to this incident, which the Company has yet to determine. There is no indication at this time that any of the client data the Company has identified as having been accessed during this incident was deleted, corrupted, or altered. Charles River has taken steps to contact all clients whose data is known to have been copied.

The Company continues to move aggressively to further secure its information systems, which includes adding enhanced security features and monitoring procedures to further protect its client data. While Charles River has taken substantial steps to minimize unauthorized access into its information systems, until its ongoing remediation process is complete, the Company will be unable to determine that this incident has been entirely remediated. However, Charles River believes it has closed the point of entry employed by the intruder in connection with this incident. The Company has not observed any further indications of continued unauthorized activity in its information systems.


For information on this incident, please visit a dedicated website at www.criver.com/cybersecurity. Information set forth on that website is not incorporated herein by reference.

Company Information