Ingram Micro Holding Corporation experienced a significant cybersecurity incident where a ransomware attack disrupted its global operations. The attack, identified on July 5, 2025, affected critical internal systems including order processing, inventory management, and customer relationship functions. The malware encrypted files and employed sophisticated evasion techniques, impacting millions of downstream customers. Ingram Micro responded swiftly, taking affected systems offline and implementing containment protocols to prevent further data encryption. The recovery process included system reimaging and enhanced monitoring solutions to mitigate future risks.
Source: https://cybersecuritynews.com/it-giant-ingram-micro-restores-operations/
TPRM report: https://scoringcyber.rankiteo.com/company/ingram-micro
"id": "ing857071225",
"linkid": "ingram-micro",
"type": "Ransomware",
"date": "7/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': 'Millions of downstream '
'customers',
'industry': 'Technology',
'location': 'Global',
'name': 'Ingram Micro Holding Corporation',
'type': 'Technology distribution company'}],
'attack_vector': ['Undisclosed attack vectors',
'DLL side-loading techniques',
'Process hollowing techniques'],
'data_breach': {'data_encryption': ['Files encryption across certain internal '
'systems']},
'date_detected': '2025-07-05',
'description': 'Ingram Micro Holding Corporation suffered a significant '
'ransomware attack that disrupted its global operations and '
'affected millions of downstream customers. The attack '
'targeted critical internal systems, and the company took '
'immediate containment measures to prevent further data '
'encryption.',
'impact': {'downtime': ['Four days'],
'operational_impact': 'Global operations disruption',
'systems_affected': ['Order processing',
'Inventory management',
'Customer relationship functions']},
'initial_access_broker': {'high_value_targets': ['Order processing',
'Inventory management',
'Customer relationship '
'functions']},
'motivation': 'Financial gain',
'ransomware': {'data_encryption': ['Files encryption across certain internal '
'systems']},
'response': {'containment_measures': ['Taking affected systems offline',
'Preventing lateral movement'],
'enhanced_monitoring': ['Implementation of enhanced monitoring '
'solutions'],
'recovery_measures': ['Implementation of enhanced monitoring '
'solutions'],
'remediation_measures': ['Comprehensive system reimaging',
'Backup restoration']},
'title': 'Ransomware Attack on Ingram Micro Holding Corporation',
'type': 'Ransomware'}