Ingram Micro Ransomware Attack Exposes 3.5TB Data

On July 5, 2025, Ingram Micro, an IT distribution and services company, experienced a major ransomware attack that disrupted operations across its worldwide network. The data breach is believed to have compromised personally identifiable information (PII) such as personnel files, customer records, and bank details.

The ransomware group known as SAFEPAY claimed responsibility for the breach, stating they had infiltrated Ingram Micro’s internal systems. According to the attackers, they were able to maintain prolonged access, exfiltrating approximately 3.5 terabytes of sensitive company data before encrypting files and locking vital servers.

Ingram Micro disclosed the data breach to the U.S. Securities and Exchange Commission (SEC) on July 5, 2025. The company also set up a cybersecurity incident response page on its own website the same day.

According to disclosures on the Ingram Micro website, it took the company multiple days to completely restore business operations after the cyberattack was discovered. Exposed information may include names, dates of birth, Social Security numbers, employee records, customer account numbers, purchase history, and payment or financial information.

Ingram Micro's response

After discovering the attack on its internal systems, Ingram Micro took action to secure its network and notified law enforcement. The company will notify affected individuals once a review is complete.

If you receive a data breach notice from Ingram Micro, you may want to:

• Sign up for the free credit monitoring services, if offered.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

More information about the company can be found on the Ingram Micro website.