- Ingram Micro suffered a July 2025 ransomware attack affecting 42,521 individuals
- Stolen data included personal identifiers and employment records, varying by individual
- SafePay claims responsibility, alleging theft of 3.5TB; ransom demand likely millions
IT giant Ingram Micro has revealed that it suffered a ransomware attack in which it lost sensitive data on tens of thousands of people.
In a new report filed with the Maine Attorney General’s Office, as well as data breach notification letters that were sent out to affected individuals, Ingram Micro said that it detected a cyber-intrusion in July 2025 and launched an investigation:
“On July 3, 2025, we detected a cybersecurity incident involving some of our internal systems. We quickly launched an investigation into the nature and scope of the issue. Based on our investigation, we determined that an unauthorized third party took certain files from some of our internal file repositories between July 2 and 3, 2025,” the letter reads.
Thousands of victims
“The affected files include employment and job applicant records that contain personal information such as name, contact information, date of birth, government-issued identification numbers (for example, Social Security, driver’s license and passport numbers), and certain employment-related information (such as work-related evaluations).”
In the filing, Ingram Micro said exactly 42,521 individuals were affected, and that data stolen varies from person to person.
To tackle the breach, the company did what most companies do: launched an investigation with the assistance of a third-party security firm, notified law enforcement and relevant authorities, alerted affected individuals, and offered free credit monitoring and identity theft protection services for two years.
While the company did not say who the threat actors were, BleepingComputer found that SafePay claimed responsibility a few weeks after the attack. On its dark web leak portal, the group said it stole 3.5TB of sensitive documents from Ingram Micro. We could not independently verify these claims, and don’t know how much money SafePay demanded in exchange for deleting the stolen data.
Since Ingram Micro is a B2B giant with more than 160,000 customers, it’s safe to assume the demand may have reached the millions.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/KNuiSqpPz8yXiQ6Q3WVVxX-800-80.jpg
Source link
