Ingram Micro: Ingram Micro Data Breach Exposes Sensitive Information of Over 40,000 People

Ingram Micro Data Breach Exposes Sensitive Information of Over 40,000 Individuals

U.S.-based IT distributor Ingram Micro disclosed a data security incident from last year that compromised the personal information of more than 40,000 individuals. The breach, which occurred in 2024, exposed sensitive data, though specific details about the type of information affected and the attack vector remain undisclosed.

Ingram Micro, a major provider of technology products and services, serves businesses globally, making the incident particularly notable for its potential impact on downstream partners and customers. The company has not released further technical or forensic details about the breach, including whether it resulted from a cyberattack, misconfiguration, or insider threat.

The disclosure follows a pattern of high-profile breaches in recent months, including incidents at Minnesota’s Department of Human Services (affecting over 300,000 individuals) and Canada’s CIRO (impacting 750,000 investors). While the full scope of the Ingram Micro breach’s consequences is still unclear, such incidents underscore ongoing risks to supply chain security and the protection of personally identifiable information (PII).

Source: https://www.teiss.co.uk/news/ingram-micro-data-breach-exposes-sensitive-information-of-over-40000-people-16980

Ingram Micro cybersecurity rating report: https://www.rankiteo.com/company/ingram-micro

"id": "ING1769002251",
"linkid": "ingram-micro",
"type": "Breach",
"date": "6/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '40,000+ individuals',
                        'industry': 'Technology/IT Distribution',
                        'location': 'U.S.',
                        'name': 'Ingram Micro',
                        'type': 'IT Distributor'}],
 'data_breach': {'number_of_records_exposed': '40,000+',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Personal information, sensitive '
                                             'data'},
 'date_detected': '2024',
 'description': 'U.S.-based IT distributor Ingram Micro disclosed a data '
                'security incident from last year that compromised the '
                'personal information of more than 40,000 individuals. The '
                'breach, which occurred in 2024, exposed sensitive data, '
                'though specific details about the type of information '
                'affected and the attack vector remain undisclosed. The '
                'company has not released further technical or forensic '
                'details about the breach, including whether it resulted from '
                'a cyberattack, misconfiguration, or insider threat.',
 'impact': {'data_compromised': 'Personal information of over 40,000 '
                                'individuals',
            'identity_theft_risk': 'High'},
 'references': [{'source': 'Cyber Incident Description'}],
 'title': 'Ingram Micro Data Breach Exposes Sensitive Information of Over '
          '40,000 Individuals',
 'type': 'Data Breach'}