Breaking News
Ingram Micro disclosed that a July 2025 ransomware attack compromised the personal data of 42,521 employees and job applicants, according to a filing with the Maine attorney general's office.
The distributor confirmed in a letter to affected individuals that the attack occurred on July 2, with detection following a day later on July 3. Upon discovering the breach, Ingram Micro shut down its systems.
The compromised data included basic personal information such as names, contact details, and dates of birth, as well as identity document numbers from passports, driver's licenses, and Social Security numbers. Employment-related information, including work-related evaluations, was also exposed.
"Promptly upon detecting the issue, we began taking steps to contain and remediate the unauthorized activity, including proactively taking certain systems offline and implementing other mitigation measures," the company said in the letter. "We also initiated an investigation with the assistance of leading cybersecurity experts and notified law enforcement."
Ransomware group SafePay claimed responsibility for the attack, alleging it stole 3.5 terabytes of Ingram's files.
While Ingram Micro partially resumed order processing within days of the intrusion, limiting operational disruption compared to contemporaneous attacks on retailers M&S and automaker JLR, the impact remained significant. With daily revenues of approximately $190 million, even brief disruptions carried substantial financial costs.
Customers criticized the company's communication during the incident, with some unable to locate Ingram's attack updates.
SafePay set a July 31 deadline for Ingram to pay an undisclosed ransom. The deadline passed and the group claimed to have published the company's data, but the download link does not work.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
