West Pharmaceutical Services on Wednesday said it has contained a ransomware attack it suffered earlier this month and is restarting critical systems, including manufacturing, receiving and shipping, at certain locations, according to an update on its website. 

The Exton, Pa.-based company, one of the world’s leading makers of drug-delivery devices and solutions, confirmed that data was stolen and encrypted in the attack, in a Monday filing with the Securities and Exchange Commission.

The company said it discovered unusual activity on its network on May 4, taking systems offline as a precaution, and had hired outside forensic experts and notified law enforcement. 

The initial shutdown and isolation of the affected infrastructure blocked access to enterprise systems, which temporarily disrupted global business operations. 

Palo Alto Networks Unit 42, handled incident response to the attack, according to an assurance letter shared by the pharmaceutical services company. The letter confirms that the ransomware attack was contained and any malicious binaries and unauthorized persistence mechanisms were neutralized. 

West Pharmaceuticals continues to work on fully restoring its operations, and has not yet determined the full impact of the attack on its financial results.

The company previously forecasted annual sales of $3.29 billion to $3.35 billion.