IT Gain Ingram Micro Internal Systems Hit by Ransomware Attack

The ransomware attack appears to have targeted the company’s internal operational systems, potentially including enterprise resource planning (ERP) platforms, customer relationship management (CRM) databases, and supply chain management applications. The company’s AI-powered digital platform, Ingram Micro Xvantage™, which provides integrated hardware and cloud subscription services, experienced service interruptions affecting order tracking, billing automation, and inventory management systems. Customer-facing applications, including e-commerce portals, partner relationship management systems, and technical support platforms, have been affected by the security incident. Global technology distributor Ingram Micro has confirmed that its internal systems have been compromised by ransomware, leading to significant operational disruptions across its worldwide IT ecosystem operations. Ingram Micro has issued formal notifications to affected customers, vendor partners, and stakeholders, acknowledging the operational challenges caused by the cybersecurity breach. The company has also notified federal law enforcement agencies, including the FBI’s Internet Crime Complaint Center (IC3) and the Cybersecurity and Infrastructure Security Agency (CISA). The Irvine, California-based company, which serves nearly 90% of the global population through its distribution network, disclosed the cybersecurity incident on July 5, 2025, following the discovery of malicious encryption software on critical infrastructure components. The company’s Security Operations Center (SOC) likely activated its Computer Security Incident Response Team (CSIRT) to coordinate the technical response and forensic analysis. Ingram Micro confirmed ransomware on internal systems, immediately taking affected systems offline. These containment procedures align with industry-standard practices outlined in frameworks such as the NIST Cybersecurity Framework (CSF) and ISO 27035 incident management protocols. Company working to restore systems and resume normal operations after the July 2025 breach.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 07 Jul 2025 17:15:13 +0000

Cyber News related to IT Gain Ingram Micro Internal Systems Hit by Ransomware Attack

10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
7 months ago Cybersecuritynews.com

10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
6 months ago Cybersecuritynews.com

Ingram Micro outage caused by SafePay ransomware attack - An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. Systems that are impacted in many locations include the company's AI-powered Xvantage ...
3 months ago Bleepingcomputer.com

Ingram Micro starts restoring systems after ransomware attack - Ingram Micro has begun restoring systems and business services after suffering a massive SafePay ransomware attack right before the July 4th holiday. Last Thursday, IT distributor and services giant Ingram Micro suffered a global outage, with ...
2 months ago Bleepingcomputer.com

Ingram Micro suffers global outage as internal systems inaccessible - IT giant Ingram Micro is experiencing a global outage that is impacting its websites and internal systems, with customers concerned that it may be a cyberattack after the company remains silent on the cause of the issues. Ingram Micro customers ...
3 months ago Bleepingcomputer.com

IT Gain Ingram Micro Internal Systems Hit by Ransomware Attack - The ransomware attack appears to have targeted the company’s internal operational systems, potentially including enterprise resource planning (ERP) platforms, customer relationship management (CRM) databases, and supply chain management ...
3 months ago Cybersecuritynews.com

IT Giant Ingram Micro Restores Operations Following Ransomware Attack - The attack, first identified on July 5, 2025, represents one of the most notable ransomware incidents affecting a major technology distribution company this year, highlighting the sophisticated nature of modern cyber threats targeting critical supply ...
2 months ago Cybersecuritynews.com

Embracing Sustainability: Embark on the Journey to a More Sustainable Future! - Sustainability isn't just about protecting the planet for future generations. It's also about preserving the delicate balance that allows life to thrive today and tomorrow. In a world where environmental concerns are growing more urgent with each ...
1 year ago Feedpress.me

Safepay ransomware threatens to leak 3.5TB of Ingram Micro data - As BleepingComputer reported earlier this month, Ingram Micro also suffered a global outage caused by the SafePay ransomware attack, with employees told to work from home and the company's website and ordering systems taken offline. The SafePay ...
2 months ago Bleepingcomputer.com

The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
1 year ago Bleepingcomputer.com Qilin Cactus Black Basta

Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com LockBit

The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta

The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
1 year ago Bleepingcomputer.com LockBit BianLian Akira Cactus

Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
1 year ago Feeds.fortinet.com 8base

Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
1 year ago Unit42.paloaltonetworks.com Medusa

Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
1 year ago Helpnetsecurity.com

The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
1 year ago Bleepingcomputer.com LockBit Akira Noescape

Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
1 year ago Bleepingcomputer.com Medusa Cuba STORMOUS

Targeting homeowners' data - As these companies obtain a large amount of sensitive information from their customers, they become attractive targets for ransomware gangs to conduct double-extortion attacks. Finland is also warning of Akira ransomware increasingly targeting ...
1 year ago Bleepingcomputer.com LockBit Akira

The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
1 year ago Bleepingcomputer.com LockBit Inc ransom Black Basta

Ransomware's Impact May Include Heart Attacks, Strokes & PTSD - First-order harms: Direct targets of ransomware attacks. The increasing convergence of IT and OT leave physical infrastructures more vulnerable to ransomware, even though most ransomware operators lack the capability to directly compromise OT or ...
1 year ago Techrepublic.com

Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
1 year ago Feeds.fortinet.com

The Week in Ransomware - Attacks on hospitals continued this week, with ransomware operations disrupting patient care as they force organization to respond to cyberattacks. While many, like LockBit, claim to have policies in place to avoid encryping hospitals, we continue to ...
1 year ago Bleepingcomputer.com LockBit Cactus

Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
1 year ago Malwarebytes.com Scattered Spider LockBit

Declining Ransomware Payments: Shift in Hacker Tactics? - Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms. It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean ...
1 year ago Securityboulevard.com