Ransomware cyber

Ingram Micro

Jul 7, 2025 1 min read
Ingram Micro

Ingram Micro, a global distributor of information technology (IT) products and services, has confirmed it suffered a ransomware attack which forced it to shut down parts of its infrastructure, preventing it from operating properly, and sent some of its employees to work from home. The attack, reportedly the work of SafePay, encrypted data and left ransom notes on employee devices. The company's AI-powered Xvantage distribution platform and Impulse license provisioning platform were impacted.

Source: https://www.techradar.com/pro/security/ingram-micro-confirms-ransomware-attack-internal-systems-affected-and-shut-down

TPRM report: https://scoringcyber.rankiteo.com/company/ingram-micro

"id": "ing721070725",
"linkid": "ingram-micro",
"type": "Ransomware",
"date": "7/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Information Technology',
                        'location': 'Global',
                        'name': 'Ingram Micro',
                        'size': 'Large (servicing over 160,000 customers '
                                'globally)',
                        'type': 'IT products and services distributor'}],
 'attack_vector': ['GlobalProtect VPN platform'],
 'description': 'Ingram Micro, a global distributor of IT products and '
                'services, suffered a ransomware attack which forced it to '
                'shut down parts of its infrastructure and sent some employees '
                'to work from home.',
 'impact': {'operational_impact': ['Disruption in processing and shipping '
                                   'orders'],
            'systems_affected': ['AI-powered Xvantage distribution platform',
                                 'Impulse license provisioning platform']},
 'initial_access_broker': {'entry_point': 'GlobalProtect VPN platform'},
 'investigation_status': 'Ongoing',
 'motivation': ['Financial gain', 'Data theft'],
 'ransomware': {'ransomware_strain': 'SafePay'},
 'references': [{'source': 'TechRadar'}],
 'response': {'communication_strategy': ['Press release published'],
              'containment_measures': ['Systems taken offline',
                                       'Employees sent to work from home'],
              'law_enforcement_notified': 'Yes',
              'recovery_measures': ['Restoring affected systems'],
              'remediation_measures': ['Mitigation measures implemented'],
              'third_party_assistance': 'Third-party cybersecurity experts'},
 'threat_actor': 'SafePay',
 'title': 'Ingram Micro Ransomware Attack',
 'type': 'Ransomware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.