Info know-how large Ingram Micro has revealed {that a} ransomware assault on its methods in July 2025 led to a knowledge breach affecting over 42,000 people.
Ingram Micro, one of many world’s largest business-to-business service suppliers and know-how distributors, has over 23,500 associates, greater than 161,000 clients, and reported web gross sales of $48 billion in 2024.
In knowledge breach notification letters filed with Maine’s Legal professional Common and despatched to these affected by the incident, the corporate stated the attackers stole paperwork containing a variety of non-public data, together with Social Safety numbers.
“On July 3, 2025, we detected a cybersecurity incident involving a few of our inner methods. We rapidly launched an investigation into the character and scope of the difficulty. Based mostly on our investigation, we decided that an unauthorized third celebration took sure recordsdata from a few of our inner file repositories between July 2 and three, 2025,” the IT large revealed.
“The affected recordsdata embrace employment and job applicant data that include private data akin to identify, contact data, date of delivery, government-issued identification numbers (for instance, Social Safety, driver’s license and passport numbers), and sure employment-related data (akin to work-related evaluations).”
The July 2025 assault additionally triggered a large outage that took down Ingram Micro’s inner methods and web site, which prompted the corporate to ask staff to earn a living from home.
Whereas Ingram Micro has but to hyperlink the breach to a selected risk group, it confirmed that the attackers deployed ransomware on its methods after BleepingComputer first reported on July 5 that the SafePay ransomware gang was behind the assault.
The cybercrime group additionally claimed duty three weeks later, including the tech large to its darkish internet leak portal and stating that it had stolen 3.5TB of paperwork.
SafePay surfaced in September 2024 as a personal operation and has since added lots of of victims to its leak web site. Nevertheless, the precise variety of victims is probably going bigger, seeing that solely those that do not pay are listed.
This ransomware operation can also be identified for its double-extortion techniques, stealing delicate paperwork earlier than encrypting victims’ methods and threatening to leak the stolen recordsdata on-line if a ransom will not be paid.
Because the begin of 2025, SafePay has slowly stuffed the hole left by LockBit and BlackCat (ALPHV) ransomware, changing into one of the lively ransomware teams.
An Ingram Micro spokesperson has but to answer after BleepingComputer reached out for extra particulars on the assault and to verify that SafePay ransomware was behind the breach.
It is finances season! Over 300 CISOs and safety leaders have shared how they’re planning, spending, and prioritizing for the 12 months forward. This report compiles their insights, permitting readers to benchmark methods, determine rising traits, and evaluate their priorities as they head into 2026.
Learn the way high leaders are turning funding into measurable influence.
