0000316253 false 0000316253 2023-04-06 2023-04-06 iso4217:USD xbrli:shares iso4217:USD xbrli:shares





Washington, DC 20549





Pursuant to Section 13 or 15(d)

of the Securities Exchange Act of 1934


Date of report (Date of earliest event reported): April 6, 2023


Enzo Biochem, Inc.

(Exact Name of Registrant as Specified in Its Charter)


New York

(State or Other Jurisdiction of Incorporation)


001-09974   13-2866202
(Commission File Number)   (IRS Employer
Identification No.)
81 Executive Blvd. Suite 3    
Farmingdale, New York   11735
(Address of Principal Executive Offices)   (Zip Code)



(Registrant’s Telephone Number, Including Area Code) 



(Former Name or Former Address, if Changed Since Last Report)


Check the appropriate box below if the Form 8-K filing is intended to simultaneously satisfy the filing obligation of the registrant under any of the following provisions:


Written communications pursuant to Rule 425 under the Securities Act (17 CFR 230.425)
Soliciting material pursuant to Rule 14a-12 under the Exchange Act (17 CFR 240.14a-12)
Pre-commencement communications pursuant to Rule 14d-2(b) under the Exchange Act (17 CFR 240.14d-2(b))
Pre-commencement communications pursuant to Rule 13e-4(c) under the Exchange Act (17 CFR 240.13e-4(c))


Securities registered pursuant to Section 12(b) of the Act:


Title of Each Class   Trading Symbol   Name of Each Exchange on Which Registered
Common Stock, $0.01 par value   ENZ   The New York Stock Exchange


Indicate by check mark whether the registrant is an emerging growth company as defined in Rule 405 of the Securities Act of 1933 (§230.405 of this chapter) or Rule 12b-2 of the Securities Exchange Act of 1934 (§240.12b-1 of this chapter). 


Emerging growth company  


If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐




Item 8.01 Other Events.


As previously disclosed, on April 6, 2023, Enzo Biochem, Inc. (the “Company”) experienced a ransomware attack that impacted certain information technology systems. In response, the Company promptly deployed containment measures, including disconnecting its systems from the internet, launched an investigation with assistance from third-party cybersecurity experts, and notified law enforcement. The Company adhered to its disaster recovery plan, which enabled it to maintain operations throughout the incident response process. The Company’s facilities are open, and it continues to provide services to its patients and partners.


On April 11, 2023, the Company became aware that certain data, including names, test information, and Social Security numbers, was accessed, and in some instances, exfiltrated from the Company’s information technology systems as part of this incident. The investigation of this incident and the assessment of its impact is ongoing. However, the Company identified unauthorized access to or acquisition of clinical test information of approximately 2,470,000 individuals. The Social Security numbers of approximately 600,000 of these individuals may also have been involved. The Company is evaluating whether its employees’ information may have been involved. The Company will provide notice to the individuals whose information may have been involved, as well as to regulatory authorities, in accordance with applicable law.


The Company has incurred, and may continue to incur, certain expenses related to this attack, including expenses to respond to, remediate and investigate this matter. Further, the Company remains subject to risks and uncertainties as a result of the incident, including as a result of the data that was accessed or exfiltrated from the Company’s network as noted above. Additionally, security and privacy incidents have led to, and may continue to lead to, additional regulatory scrutiny. The Company is in the process of evaluating the full scope of the costs and related impacts of this incident.


For further information regarding the risks associated with cyber security incidents and disruptions to our operations, please see “Risk Factors” in the Company’s Annual Report on Form 10-K for the fiscal year ended July 31, 2022.


Forward-Looking Statements


This Current Report on Form 8-K includes statements which may constitute forward-looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, the accuracy of which are necessarily subject to risks, uncertainties, and assumptions as to future events that may not prove to be accurate. These statements include, but are not limited to, express or implied forward-looking statements relating to our expectations regarding our ability to contain and assess the ransomware attack and the impact of the ransomware attack on our operations and financial results. These statements are neither promises nor guarantees, but are subject to a variety of risks and uncertainties, many of which are beyond our control, which could cause actual results to differ materially from those contemplated in these forward-looking statements. Factors that could cause actual results to differ materially from those expressed or implied include the ongoing assessment of the ransomware attack, legal, reputational and financial risks resulting from cyberattacks, including the ransomware attack, the effectiveness of business continuity plans during the ransomware attack, and the other factors discussed in our most recent Annual Report on Form 10-K and other filings with the Securities and Exchange Commission. The Company undertakes No obligation to update or revise any forward-looking statements, whether as a result of new information, future events, or otherwise, except as may be required under applicable securities law.


Item 9.01 Financial Statements and Exhibits.



Exhibit   Exhibit Name
104   Cover Page Interactive Data File (embedded within the Inline XBRL document).





Pursuant to the requirements of the Securities Exchange Act of 1934, as amended, the registrant has duly caused this report to be signed on its behalf by the undersigned hereunto duly authorized.


Date: May 30, 2023 By: /s/ Hamid Erfanian
    Hamid Erfanian
    Chief Executive Officer