Itron, a $2.4 billion utility technology company whose products help manage electricity, gas, water and smart city infrastructure, disclosed a cybersecurity incident in an SEC filing dated April 24, 2026.
The company said an unauthorized third party gained access to certain company systems. Itron said it was notified of the activity on April 13, activated its cybersecurity response plan, brought in outside advisers and notified law enforcement.
“The company took action to remediate and remove the unauthorized activity and has not observed any subsequent unauthorized activity within its corporate systems. Further, no unauthorized activity was observed in the customer hosted portion of its systems,” the company said in its SEC filing.
Itron makes smart meters, grid software, communications systems and water management technology for utilities, cities and energy providers. The company says its technology serves more than 8,000 customers in over 100 countries.
“The Company does not currently believe the incident has had or is reasonably likely to have a material impact on the Company,” the filing stated.
The company reported the incident under Item 8.01, or “Other Events,” rather than Item 1.05, the SEC category for material cybersecurity incidents. SEC staff guidance says companies may use another Form 8-K item, such as Item 8.01, when disclosing an incident they have not determined to be material or have determined is not material.
Itron did not say what systems the attacker accessed. It did not say whether data was stolen. It also did not identify the threat actor. Itron said its investigation is ongoing. The company is still reviewing whether it must make more legal or regulatory notifications.
