Ingram Micro has begun restoring systems and business services after suffering a massive SafePay ransomware attack right before the July 4th holiday. Last Thursday, IT distributor and services giant Ingram Micro suffered a global outage, with their website and ordering systems taken offline, and employees told to work from home. While Ingram Micro is quickly recovering from the attack, BleepingComputer was told that the restoration process is far from over, with employees gradually transitioning back to in-office work. Since Monday, Ingram Micro has begun restoring some of its business operations, stating that it has resumed accepting orders via phone and email in many countries. BleepingComputer contacted Ingram Micro about whether data was believed to have been stolen and will update the story if we receive a response. "Subscription orders, including renewals and modifications, are available globally and are being processed centrally via Ingram Micro's support organization," Ingram Micro announced on Monday. In addition, BleepingComputer has learned that the company performed a company-wide password and multi-factor authentication (MFA) reset, and has begun restoring VPN access to employees. Saturday morning, BleepingComputer exclusively reported that a SafePay ransomware attack was behind the outage, with the company confirming a ransomware attack later that night. Numerous internal systems and platforms, many related to ordering, logistics, and fulfillment, have been restored yesterday and today, allowing employees greater access to the company's ordering system. Lawrence Abrams Lawrence Abrams is the owner and Editor in Chief of BleepingComputer.com. Lawrence's area of expertise includes Windows, malware removal, and computer forensics.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 09 Jul 2025 15:15:10 +0000