U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Ransomware attack on Ingram Micro impacts 42,000 individuals

Ingram Micro says a ransomware attack exposed personal data of about 42,000 people, including names, birth dates, SSNs, and job-related details. Ingram Micro is a global technology distributor and supply-chain services company. It acts as a middleman between IT vendors (like Microsoft, Cisco, HP, Apple, and cybersecurity firms) and businesses, resellers, and service providers, helping […]

Xsolis

Ingram Micro says a ransomware attack exposed personal data of about 42,000 people, including names, birth dates, SSNs, and job-related details.

Ingram Micro is a global technology distributor and supply-chain services company. It acts as a middleman between IT vendors (like Microsoft, Cisco, HP, Apple, and cybersecurity firms) and businesses, resellers, and service providers, helping them buy, sell, and deploy technology products and services worldwide.

The company detected a cyber incident on July 3, 2025 and launched an investigation with the help of cybersecurity experts. The company quickly contained the breach, in response to the incident took some systems offline to contain the threat. Ingram announced that it has applied security measures and notified law enforcement.

“On July 3, 2025, we detected a cybersecurity incident involving some of our internal systems. We quickly launched an investigation into the nature and scope of the issue. Based on our investigation, we determined that an unauthorized third party took certain files from some of our internal file repositories between July 2 and 3, 2025.” reads the data breach notification shared with Maine Attorney General’s Office. “We worked diligently to review the affected files to understand their contents. Through this review, we recently learned that some of the affected files include personal information about you.”

Ingram Micro announced it suffered a ransomware attack and found that an unauthorized party stole files from internal systems, some containing personal data.

Ingram Micro restored the affected systems within about a week and fully resumed global operations by July 9.

The exposed files include employment and job applicant records that contain personal information such as name, contact information, date of birth, government-issued identification numbers (for example, Social Security, driver’s license and passport numbers), and certain employment-related information (such as work-related evaluations). According to the data breach notification, the types of affected personal information vary by impacted individual.

The company is offering affected individuals two years of free credit monitoring and identity protection services.

Ingram Micro did not name the cybercrime group behind the security breach, but the Safepay ransomware group claimed the attack.

The group added the company to its Tor leak site and claimed the theft of 3.5 TB of sensitive data, and later published it, suggesting a failed negotiation.

At the time of this writing the download link doesn’t work.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)