- Ingram Micro tells some employees to work from home as it tackles cyberattack
- Unconfirmed reports claim the attack is the work of SafePay
- No information about stolen data yet
Ingram Micro, a global distributor of information technology (IT) products and services, has confirmed it suffered a ransomware attack which forced it to shut down parts of its infrastructure, prevented it from operating properly, and sent some of its employees to work from home.
In a press release published on its website, the company said it recently identified ransomware on “certain of its internal systems.” As a result, it “proactively” took some systems offline, and implemented “other mitigation measures”. Third-party cybersecurity experts were also brought in to assist with the investigation, and the police were notified.
“Ingram Micro is working diligently to restore the affected systems so that it can process and ship orders, and the company apologizes for any disruption this issue is causing its customers, vendor partners, and others,” the press release concludes.
Smuggling through
While Ingram Micro did not detail the attack, the culprits, or sensitive files potentially stolen in the attack, BleepingComputer reported that the incident was the work of SafePay, a relatively young ransomware operation that emerged between September and November, 2024.
This group engages in the usual double-extortion tactics (encryption + data theft), and claims to have breached more than 200 organizations across different industries such as manufacturing, healthcare, or education.
The publication also reports that SafePay’s hackers broke in through the company’s GlobalProtect VPN platform, and left ransom notes on employee devices. Some employees were sent to work from home and were allegedly told not to use the GlobalProtect VPN access.
Among the systems impacted by the breach is Ingram Micro’s AI-powered Xvantage distribution platform, and the Impulse license provisioning platform. Other internal services are operating as usual.
Ingram Micro is a giant in the IT products and services industry, servicing more than 160,000 customers globally, including giants such as Apple, HP, or Cisco.
Leave a comment