Ingram Micro Data Breach Exposes PII of 42,000 Individuals
On January 21, 2026, Ingram Micro Inc., a global technology distributor, disclosed a cybersecurity incident that compromised the personal data of approximately 42,000 individuals. An unauthorized actor accessed the company’s network, potentially acquiring sensitive personally identifiable information (PII), including names, contact details, dates of birth, government-issued IDs (such as Social Security, driver’s license, and passport numbers), and employment-related records like work evaluations.
The breach is currently under investigation by Lynch Carpenter LLP, a national class action law firm, which is reviewing potential legal claims on behalf of affected individuals. Ingram Micro has not yet provided further details on the timeline of the breach or the methods used by the attacker.
This incident adds to a growing list of data breaches exposing sensitive personal and professional information, raising concerns about the security of third-party vendors handling large volumes of PII. Affected individuals may face heightened risks of identity theft and fraud as a result.
Ingram Micro cybersecurity rating report: https://www.rankiteo.com/company/ingram-micro
"id": "ING1769038099",
"linkid": "ingram-micro",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '42,000',
'industry': 'Technology Distribution',
'location': 'Global',
'name': 'Ingram Micro Inc.',
'type': 'Company'}],
'data_breach': {'number_of_records_exposed': '42,000',
'personally_identifiable_information': 'Names, contact '
'details, dates of '
'birth, Social '
'Security numbers, '
'driver’s license '
'numbers, passport '
'numbers, '
'employment-related '
'records',
'sensitivity_of_data': 'High (government-issued IDs, '
'employment records)',
'type_of_data_compromised': 'Personally identifiable '
'information (PII)'},
'date_publicly_disclosed': '2026-01-21',
'description': 'On January 21, 2026, Ingram Micro Inc., a global technology '
'distributor, disclosed a cybersecurity incident that '
'compromised the personal data of approximately 42,000 '
'individuals. An unauthorized actor accessed the company’s '
'network, potentially acquiring sensitive personally '
'identifiable information (PII), including names, contact '
'details, dates of birth, government-issued IDs (such as '
'Social Security, driver’s license, and passport numbers), and '
'employment-related records like work evaluations.',
'impact': {'brand_reputation_impact': 'Raised concerns about the security of '
'third-party vendors handling large '
'volumes of PII',
'data_compromised': 'Personally identifiable information (PII), '
'including names, contact details, dates of '
'birth, government-issued IDs (Social '
'Security, driver’s license, passport '
'numbers), and employment-related records',
'identity_theft_risk': 'Heightened risks of identity theft and '
'fraud',
'legal_liabilities': 'Potential legal claims being reviewed by '
'Lynch Carpenter LLP'},
'investigation_status': 'Ongoing',
'references': [{'source': 'Incident disclosure'}],
'regulatory_compliance': {'legal_actions': 'Potential class action lawsuit '
'being reviewed'},
'response': {'third_party_assistance': 'Lynch Carpenter LLP (investigating '
'potential legal claims)'},
'title': 'Ingram Micro Data Breach Exposes PII of 42,000 Individuals',
'type': 'Data Breach'}