Itron reports cyber intrusion, says systems secured and operations continue

A cyber intrusion at Itron has put a major supplier of water and energy metering under sharper scrutiny, with the company saying an unauthorized third party gained access to certain systems on April 13. Itron, which serves hundreds of millions of homes and businesses with utility meters and monitoring equipment, said it activated its cybersecurity response plan, brought in external advisors and notified law enforcement.

The company said it remediated and removed the unauthorized activity and has not observed any subsequent unauthorized activity within its corporate systems. It also said no unauthorized activity was observed in the customer-hosted portion of its systems, a line that matters for utilities that rely on vendor software, sensors and communications networks to keep billing, monitoring and grid-edge functions running. Itron did not identify in the filing what data, if any, may have been exposed.

Itron said its contingency plans and data backup systems allowed operations to continue in all material respects. That continuity is central for a company embedded in critical infrastructure, where even a contained breach can raise questions about whether customer records, operational telemetry, device management tools or service workflows were touched. The filing did not say those categories were compromised, but it made clear that the company is still evaluating what legal filings and regulatory notifications may be required.

The company also said it expects a significant portion of its direct incident costs will be reimbursed by insurers. In its February 25, 2025 cybersecurity disclosure to the U.S. Securities and Exchange Commission, Itron said its Information Security Steering Committee includes senior executives such as the CEO and CFO, and that it uses a defense-in-depth security philosophy, centralized logging and monitoring, and cybersecurity insurance intended to cover incidents like this one. Those controls are designed to limit the blast radius when a vendor that sits inside utility operations is targeted.

Itron is headquartered at 2111 N. Molter Road in Liberty Lake, Washington, and its common stock trades on Nasdaq under the ticker ITRI. Its investor relations page describes the company as a global leader in energy, water, smart city, IIoT and intelligent infrastructure services, and it has scheduled its first-quarter 2026 earnings conference call for April 28. That call will give investors and utility customers a first detailed look at how far the intrusion reached, how quickly it was contained and what the episode says about the weak points in critical infrastructure supply chains.