Cybersecurity Risk Management and Strategy Disclosure	12 Months Ended
Mar. 31, 2026
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]	PetMeds and PetCareRx maintain an enterprise-wide cybersecurity program designed to identify, assess, manage, and mitigate information security risks across the organization. Our program covers governance, policy, prevention, detection, incident response, and recovery, aligned with industry standards. Cybersecurity Risk Management and Oversight Our cybersecurity risk management program is designed to protect our systems, data, and customers from a wide range of cyber threats. Our cybersecurity practices are guided by the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework (“CSF”), which categorizes cybersecurity activities into five key functions: identify, protect, detect, respond, and recover. During fiscal 2026, we enhanced our governance structure by establishing two internal risk committees, an enterprise-wide management risk committee and an executive risk committee, to identify, assess, and manage enterprise risks, including cybersecurity risks, in a coordinated and timely manner. This committee improves cross-functional alignment and helps us proactively manage risk across the organization. Our management team includes individuals with relevant expertise in information technology and cybersecurity. During fiscal 2026, cybersecurity oversight responsibilities were led by our Chief Digital and Technology Officer and Chief Information Security Officer, both of whom served through the end of the fiscal year and had significant experience in cybersecurity and risk management, including more than two decades of combined experience in these areas. Following their departures in the first quarter of fiscal 2027, these responsibilities have been assigned to other members of management and are supported by internal personnel and an external third-party specialist with relevant cybersecurity expertise. In addition, we implemented Drata, a governance, risk, and compliance (“GRC”) platform, to automate and streamline risk management, control monitoring, and compliance processes. This investment strengthens our ability to maintain continuous visibility into our control environment and enhances our overall cybersecurity maturity. The Audit Committee of our Board of Directors oversees cybersecurity risk and receives quarterly updates from management on cybersecurity strategy, threat landscape, incident trends, remediation activities, and other relevant developments. Incident Detection and Response We maintain an Incident Response Policy and supporting procedures that define how potential cybersecurity events are identified, escalated, investigated, contained, and remediated. The objectives of our incident response program include: •Timely investigation and validation of incidents •Minimization of data loss or service disruption •Evidence preservation in accordance with legal and regulatory requirements •Restoration of affected systems and services •Post-incident review and implementation of corrective actions •Notification to affected parties and regulators, where appropriate These procedures are periodically tested and updated to ensure effectiveness and readiness. Security Measures and Monitoring We use a layered, defense-in-depth approach with industry-standard tools and our own processes for threat detection, monitoring, and response. Our security measures include: •Regular system scans, vulnerability assessments, and penetration testing •Ongoing compliance with the Payment Card Industry Data Security Standard (“PCI DSS”) •Deployment of endpoint detection and response (“EDR”) tools and real-time monitoring solutions •Secure development practices are integrated into our digital platforms During fiscal 2026, we conducted both internal and external penetration testing, which identified certain minor vulnerabilities. These findings were promptly remediated, and no threats were identified in these assessments. As part of our vendor management and procurement processes, we conduct cybersecurity due diligence, including reviewing SOC reports and validating data privacy and security practices for vendors with access to our systems or sensitive data. As we modernize our technology platforms and phase out legacy systems, we're strengthening security across identity management, access governance, and software development. Training and Awareness Cybersecurity awareness is a foundational element of our risk management approach. We conduct recurring cybersecurity training for employees across the Company, with targeted modules addressing common threat vectors such as phishing, ransomware, and social engineering. Additional training is provided for employees in roles with elevated access to systems or sensitive data
Cybersecurity Risk Management Processes Integrated [Flag]	true
Cybersecurity Risk Management Processes Integrated [Text Block]	Our cybersecurity risk management program is designed to protect our systems, data, and customers from a wide range of cyber threats. Our cybersecurity practices are guided by the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework (“CSF”), which categorizes cybersecurity activities into five key functions: identify, protect, detect, respond, and recover.
Cybersecurity Risk Management Third Party Engaged [Flag]	true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]	true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]	false
Cybersecurity Risk Board of Directors Oversight [Text Block]	The Audit Committee of our Board of Directors oversees cybersecurity risk and receives quarterly updates from management on cybersecurity strategy, threat landscape, incident trends, remediation activities, and other relevant developments.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]	During fiscal 2026, we enhanced our governance structure by establishing two internal risk committees, an enterprise-wide management risk committee and an executive risk committee, to identify, assess, and manage enterprise risks, including cybersecurity risks, in a coordinated and timely manner. This committee improves cross-functional alignment and helps us proactively manage risk across the organization. Our management team includes individuals with relevant expertise in information technology and cybersecurity. During fiscal 2026, cybersecurity oversight responsibilities were led by our Chief Digital and Technology Officer and Chief Information Security Officer, both of whom served through the end of the fiscal year and had significant experience in cybersecurity and risk management, including more than two decades of combined experience in these areas. Following their departures in the first quarter of fiscal 2027, these responsibilities have been assigned to other members of management and are supported by internal personnel and an external third-party specialist with relevant cybersecurity expertise.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]	The Audit Committee of our Board of Directors oversees cybersecurity risk and receives quarterly updates from management on cybersecurity strategy, threat landscape, incident trends, remediation activities, and other relevant developments.
Cybersecurity Risk Role of Management [Text Block]	During fiscal 2026, we enhanced our governance structure by establishing two internal risk committees, an enterprise-wide management risk committee and an executive risk committee, to identify, assess, and manage enterprise risks, including cybersecurity risks, in a coordinated and timely manner. This committee improves cross-functional alignment and helps us proactively manage risk across the organization. Our management team includes individuals with relevant expertise in information technology and cybersecurity. During fiscal 2026, cybersecurity oversight responsibilities were led by our Chief Digital and Technology Officer and Chief Information Security Officer, both of whom served through the end of the fiscal year and had significant experience in cybersecurity and risk management, including more than two decades of combined experience in these areas. Following their departures in the first quarter of fiscal 2027, these responsibilities have been assigned to other members of management and are supported by internal personnel and an external third-party specialist with relevant cybersecurity expertise. In addition, we implemented Drata, a governance, risk, and compliance (“GRC”) platform, to automate and streamline risk management, control monitoring, and compliance processes. This investment strengthens our ability to maintain continuous visibility into our control environment and enhances our overall cybersecurity maturity. The Audit Committee of our Board of Directors oversees cybersecurity risk and receives quarterly updates from management on cybersecurity strategy, threat landscape, incident trends, remediation activities, and other relevant developments.
Cybersecurity Risk Management Positions or Committees Responsible [Flag]	true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]	During fiscal 2026, we enhanced our governance structure by establishing two internal risk committees, an enterprise-wide management risk committee and an executive risk committee, to identify, assess, and manage enterprise risks, including cybersecurity risks, in a coordinated and timely manner. This committee improves cross-functional alignment and helps us proactively manage risk across the organization.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]	Our management team includes individuals with relevant expertise in information technology and cybersecurity. During fiscal 2026, cybersecurity oversight responsibilities were led by our Chief Digital and Technology Officer and Chief Information Security Officer, both of whom served through the end of the fiscal year and had significant experience in cybersecurity and risk management, including more than two decades of combined experience in these areas. Following their departures in the first quarter of fiscal 2027, these responsibilities have been assigned to other members of management and are supported by internal personnel and an external third-party specialist with relevant cybersecurity expertise.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]	During fiscal 2026, we enhanced our governance structure by establishing two internal risk committees, an enterprise-wide management risk committee and an executive risk committee, to identify, assess, and manage enterprise risks, including cybersecurity risks, in a coordinated and timely manner. This committee improves cross-functional alignment and helps us proactively manage risk across the organization. Our management team includes individuals with relevant expertise in information technology and cybersecurity. During fiscal 2026, cybersecurity oversight responsibilities were led by our Chief Digital and Technology Officer and Chief Information Security Officer, both of whom served through the end of the fiscal year and had significant experience in cybersecurity and risk management, including more than two decades of combined experience in these areas. Following their departures in the first quarter of fiscal 2027, these responsibilities have been assigned to other members of management and are supported by internal personnel and an external third-party specialist with relevant cybersecurity expertise. In addition, we implemented Drata, a governance, risk, and compliance (“GRC”) platform, to automate and streamline risk management, control monitoring, and compliance processes. This investment strengthens our ability to maintain continuous visibility into our control environment and enhances our overall cybersecurity maturity. The Audit Committee of our Board of Directors oversees cybersecurity risk and receives quarterly updates from management on cybersecurity strategy, threat landscape, incident trends, remediation activities, and other relevant developments.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag]	true

Cybersecurity Risk Management and Strategy Disclosure

12 Months Ended

Mar. 31, 2026

Cybersecurity Risk Management, Strategy, and Governance [Line Items]

Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

PetMeds and PetCareRx maintain an enterprise-wide cybersecurity program designed to identify, assess, manage, and mitigate information security risks across the organization. Our program covers governance, policy, prevention, detection, incident response, and recovery, aligned with industry standards.

Cybersecurity Risk Management and Oversight

Our cybersecurity risk management program is designed to protect our systems, data, and customers from a wide range of cyber threats. Our cybersecurity practices are guided by the National Institute of Standards and Technology (“NIST”) Cybersecurity Framework (“CSF”), which categorizes cybersecurity activities into five key functions: identify, protect, detect, respond, and recover.

During fiscal 2026, we enhanced our governance structure by establishing two internal risk committees, an enterprise-wide management risk committee and an executive risk committee, to identify, assess, and manage enterprise risks, including cybersecurity risks, in a coordinated and timely manner. This committee improves cross-functional alignment and helps us proactively manage risk across the organization.

Our management team includes individuals with relevant expertise in information technology and cybersecurity. During fiscal 2026, cybersecurity oversight responsibilities were led by our Chief Digital and Technology Officer and Chief Information Security Officer, both of whom served through the end of the fiscal year and had significant experience in cybersecurity and risk management, including more than two decades of combined experience in these areas. Following their departures in the first quarter of fiscal 2027, these responsibilities have been assigned to other members of management and are supported by internal personnel and an external third-party specialist with relevant cybersecurity expertise.

In addition, we implemented Drata, a governance, risk, and compliance (“GRC”) platform, to automate and streamline risk management, control monitoring, and compliance processes. This investment strengthens our ability to maintain continuous visibility into our control environment and enhances our overall cybersecurity maturity.

The Audit Committee of our Board of Directors oversees cybersecurity risk and receives quarterly updates from management on cybersecurity strategy, threat landscape, incident trends, remediation activities, and other relevant developments.

Incident Detection and Response

We maintain an Incident Response Policy and supporting procedures that define how potential cybersecurity events are identified, escalated, investigated, contained, and remediated. The objectives of our incident response program include:

•Timely investigation and validation of incidents

•Minimization of data loss or service disruption

•Evidence preservation in accordance with legal and regulatory requirements

•Restoration of affected systems and services

•Post-incident review and implementation of corrective actions

•Notification to affected parties and regulators, where appropriate

These procedures are periodically tested and updated to ensure effectiveness and readiness.

Security Measures and Monitoring

We use a layered, defense-in-depth approach with industry-standard tools and our own processes for threat detection, monitoring, and response. Our security measures include:

•Regular system scans, vulnerability assessments, and penetration testing

•Ongoing compliance with the Payment Card Industry Data Security Standard (“PCI DSS”)

•Deployment of endpoint detection and response (“EDR”) tools and real-time monitoring solutions

•Secure development practices are integrated into our digital platforms

During fiscal 2026, we conducted both internal and external penetration testing, which identified certain minor vulnerabilities. These findings were promptly remediated, and no threats were identified in these assessments.

As part of our vendor management and procurement processes, we conduct cybersecurity due diligence, including reviewing SOC reports and validating data privacy and security practices for vendors with access to our systems or sensitive data.

As we modernize our technology platforms and phase out legacy systems, we're strengthening security across identity management, access governance, and software development.

Training and Awareness

Cybersecurity awareness is a foundational element of our risk management approach. We conduct recurring cybersecurity training for employees across the Company, with targeted modules addressing common threat vectors such as phishing, ransomware, and social engineering. Additional training is provided for employees in roles with elevated access to systems or sensitive data

Cybersecurity Risk Management Processes Integrated [Flag]

true

Cybersecurity Risk Management Processes Integrated [Text Block]

Cybersecurity Risk Management Third Party Engaged [Flag]

true

Cybersecurity Risk Third Party Oversight and Identification Processes [Flag]

true

Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]

false

Cybersecurity Risk Board of Directors Oversight [Text Block]

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]

Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]