Cyber Incident Victim: Acorda Therapeutics

Acorda Therapeutics experienced a cybersecurity incident on or around December 15, 2021, which disrupted normal business operations and necessitated the proactive shutdown of its information technology systems. The company responded by immediately implementing containment protocols to isolate affected systems and engaged third-party cybersecurity forensic experts to investigate the nature and scope of the breach. Law enforcement agencies were notified as part of the incident response protocol. While the investigation remained ongoing, Acorda confirmed unauthorized access to its network but did not publicly disclose specific technical details regarding the attack vector or threat actor attribution during the initial disclosure phase. The incident caused operational delays, particularly impacting financial reporting timelines due to restricted access to critical systems required for compiling year-end financial data.

The disruption delayed Acorda’s filing of its annual Form 10-K report with the U.S. Securities and Exchange Commission, as disclosed in a regulatory filing on December 15, 2021. The company stated the cyber incident could materially affect its operations but provided no further specifics regarding data exfiltration, ransomware deployment, or patient data compromise. Internal teams collaborated with external cybersecurity specialists to restore systems securely while maintaining compliance with regulatory obligations. No additional public updates regarding remediation outcomes, data exposure specifics, or financial impact quantification were issued in subsequent months based on available source material. Operational continuity measures were enacted during the recovery period to minimize prolonged disruption to business activities.