Ethical Hacking News
Ingram Micro has admitted to a summer ransomware attack that exposed thousands of staff records, including basic personal information and identity document numbers. The company took steps to contain and remediate the unauthorized activity but faced criticism from customers about its communication during the incident.
Ingram Micro admitted to a summer ransomware attack that compromised tens of thousands of employees' personal data.The attack exposed basic personal information, including names, contact info, and identity document numbers.Ransomware group SafePay claimed responsibility for the attack, allegedly stealing 3.5 TB worth of Ingram's files.The incident had a significant financial impact on Ingram Micro, with daily revenues affected by brief disruptions.Ingram Micro did not provide details about the payment made to the ransomware group or whether it paid the demanded ransom.
In a recent filing with the attorney general's office in Maine, Ingram Micro has admitted to a summer ransomware attack that compromised the personal data of tens of thousands of employees. The distributor, which is responsible for providing technology solutions to businesses and governments across North America, revealed that the attack exposed basic personal information such as names, contact information, and dates of birth, as well as identity document numbers like passports, driver's licenses, and Social Security numbers.
According to Ingram Micro, the ransomware attack took place on July 2, 2025, and was detected a day later. The company quickly shut down its systems and initiated an investigation with the assistance of leading cybersecurity experts. As part of the incident response, Ingram Micro also notified law enforcement agencies about the breach.
The letter sent to each affected employee and job applicant explains that the attack resulted in the exposure of employment-related information, including work-related evaluations. The company assured those affected that it was taking steps to contain and remediate the unauthorized activity and to prevent similar incidents from occurring in the future.
Ransomware group SafePay claimed responsibility for the attack, allegedly stealing 3.5 TB worth of Ingram's files. However, after shutting down its systems, Ingram Micro was unable to manage its customers' services, while other insiders reported that staff in some regional offices were sent home due to the impact of the ransomware attack.
The incident had a significant financial impact on Ingram Micro, with daily revenues of approximately $190 million being affected by brief disruptions. Customers also criticized the company's communication during the incident, with some unable to find information about the attack until The Register directed them to the relevant updates.
Ingram Micro did not provide any specific details about the payment made to the ransomware group or whether it paid the demanded ransom. However, after a July 31 deadline passed, SafePay claimed to have published the company's data but failed to make it available for download.
The Register has sought more information from Ingram Micro regarding the incident and its response. The attack highlights the ongoing threat posed by ransomware attacks and the importance of companies taking proactive measures to protect their customers' personal data.
Related Information:
https://www.ethicalhackingnews.com/articles/Ingram-Micro-Admits-to-Ransomware-Attack-Exposing-Thousands-of-Staff-Records-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/01/19/ingram_micro_ransomware_affects/
https://www.theregister.com/2026/01/19/ingram_micro_ransomware_affects/
https://cybernews.com/security/ingram-micro-struck-by-ransomware/
Published: Mon Jan 19 06:42:18 2026 by llama3.2 3B Q4_K_M
