- Ingram Micro confirmed struggling a ransomware assault in July 2025
- It has been revealed this was the work of the SafePay group
- The risk actors have added Ingram Micro to its knowledge leak web site
Ingram Micro has been added to SafePay’s knowledge leak web site, that means the countdown is on earlier than terabytes of knowledge are leaked on the darkish internet.
The corporate suffered a ransomware assault in July 2025 which compelled it to close down elements of its infrastructure. Consequently, its enterprise operations have been disrupted, and a few of its workers have been despatched to do business from home.
The corporate managed to revive its providers relatively quick, however the miscreants made away with 3.5TB of delicate knowledge – which they’re now threatening to launch except they’re paid.
It’s possible you’ll like
Terabytes of delicate information
On the time of the assault, the corporate didn’t say who the risk actors have been, however BleepingComputer has now uncovered the assault was the work of SafePay, a comparatively younger ransomware operation that emerged between September and November, 2024.
This group engages within the standard double-extortion techniques (encryption + knowledge theft), and claims to have breached greater than 200 organizations throughout totally different industries resembling manufacturing, healthcare, or training.
On the time of the assault it was additionally stated SafePay broke by the corporate’s GlobalProtect VPN platform, and left ransom notes on worker gadgets.
Among the many programs impacted by the breach was Ingram Micro’s AI-powered Xvantage distribution platform, and the Impulse license provisioning platform.
Ought to SafePay leak Ingram Micro’s knowledge, it might ship ripples all through the enterprise world, because it is without doubt one of the largest B2B service suppliers and know-how distributors round, servicing greater than 160,000 clients globally, together with giants resembling Apple, HP, and Cisco.
