38/69 Wednesday, January 21, 2026
Ingram Micro, a global technology distributor and supply chain services provider, disclosed that it detected a ransomware-related cyberattack on July 3, 2025. The investigation revealed that unauthorized actors accessed and exfiltrated files from the company’s internal systems between July 2 and July 3, 2025. As a result of the incident, the personal data of approximately 42,000 individuals was exposed. The company stated that it worked with external cybersecurity experts, temporarily shut down certain systems to contain the damage, and notified relevant law enforcement authorities.
According to a data breach notification filed with the Attorney General’s office, some of the compromised files contained personal information belonging to employees and job applicants. This information may have included full names, contact details, dates of birth, government-issued identification numbers (such as Social Security numbers, driver’s license numbers, or passport numbers), as well as employment-related information such as performance evaluations. The specific types of data affected may vary by individual.
Ingram Micro reported that it was able to restore the impacted systems within approximately one week and fully resume global operations by July 9, 2025. The company is also offering two years of free credit monitoring and identity theft protection services to affected individuals. While Ingram Micro has not officially confirmed the identity of the attackers, reports indicate that the Safepay ransomware group has claimed responsibility, alleging that it stole up to 3.5 terabytes of data and released some of the information after negotiations failed. However, the alleged data download link has not been publicly accessible.
Source https://dg.th/kqv0orgx9l
