Ingram Micro Confirms Ransomware Behind Multi-Day Outage
GLOBAL OPERATIONS INCLUDING BULGARIA, JUL 6 – The SafePay ransomware group exploited VPN weaknesses to disrupt Ingram Micro's global IT systems, risking daily revenue losses of up to $136 million, the company said.
- Ingram Micro confirmed a ransomware attack linked to the SafePay gang caused a multi-day IT outage starting early Thursday, July 3, 2025.
- The attack followed a breach via Ingram Micro’s GlobalProtect VPN platform, prompting the company to shut down internal systems and restrict VPN access.
- The outage has taken all Ingram Micro websites offline, redirected partners to a cyber incident message, and hampered order processing and software licensing.
- Matt Hull of NCC identified SafePay as one of the most active ransomware groups in 2025, attributing 18% of attacks to them, while Ingram Micro reported ongoing efforts to recover and resume normal operations.
- Ingram Micro launched a forensic investigation, notified law enforcement, and apologized for disruption, but has not disclosed financial impact or attack details publicly.
Insights by Ground AI
Does this summary seem wrong?
48 Articles
48 Articles
The global distributor Ingram Micro suffered a ransomware attack in early July 2025. The malware kneeled the company's systems and paralyzed all of its operations.
Coverage Details
Total News Sources48
Leaning Left0Leaning Right0Center4Last UpdatedBias Distribution100% Center
Bias Distribution
- 100% of the sources are Center
100% Center
C 100%
Factuality
To view factuality data please Upgrade to Premium