CyberSecurityBoard
Sponsor Register Login

Safepay ransomware threatens to leak 3.5TB of Ingram Micro data

As BleepingComputer reported earlier this month, Ingram Micro also suffered a global outage caused by the SafePay ransomware attack, with employees told to work from home and the company's website and ordering systems taken offline. The SafePay ransomware gang is threatening to leak 3.5TB of data belonging to IT giant Ingram Micro, allegedly stolen from the company's compromised systems earlier this month. While BleepingComputer first reported on July 5 that SafePay was behind this incident, the ransomware gang didn't claim responsibility for the attack until earlier this week, when it added the tech giant to its dark web leak portal. Ingram Micro quickly recovered from the incident, restoring many of the internal systems and platforms impacted by the attack within days, allowing employees greater access to its ordering system. Ingram Micro is one of the world's largest business-to-business service providers and technology distributors, offering a wide range of solutions to resellers and managed service providers worldwide, including hardware, software, cloud services, logistics, and training. SafePay ransomware is a private operation that surfaced in September 2024 and has since added over 260 victims to its leak site; however, the actual number is likely larger, as only victims who don't pay are listed. However, the company has yet to confirm that SafePay ransomware was behind the breach and whether the attackers stole data from its compromised systems.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 30 Jul 2025 18:00:27 +0000


Cyber News related to Safepay ransomware threatens to leak 3.5TB of Ingram Micro data

Safepay ransomware threatens to leak 3.5TB of Ingram Micro data - As BleepingComputer reported earlier this month, Ingram Micro also suffered a global outage caused by the SafePay ransomware attack, with employees told to work from home and the company's website and ordering systems taken offline. The SafePay ...
2 months ago Bleepingcomputer.com
Ingram Micro outage caused by SafePay ransomware attack - An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. Systems that are impacted in many locations include the company's AI-powered Xvantage ...
3 months ago Bleepingcomputer.com
10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
7 months ago Cybersecuritynews.com
Ingram Micro starts restoring systems after ransomware attack - Ingram Micro has begun restoring systems and business services after suffering a massive SafePay ransomware attack right before the July 4th holiday. Last Thursday, IT distributor and services giant Ingram Micro suffered a global outage, with ...
2 months ago Bleepingcomputer.com
10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
6 months ago Cybersecuritynews.com
SafePay Ransomware Leverages RDP and VPN for Intruding Into Organizations Network - The technical analysis reveals that SafePay employs classic yet highly effective tactics, including the disabling of endpoint protection systems, deletion of shadow copies, and systematic clearing of system logs to suppress detection and incident ...
2 months ago Cybersecuritynews.com LockBit
Ingram Micro suffers global outage as internal systems inaccessible - IT giant Ingram Micro is experiencing a global outage that is impacting its websites and internal systems, with customers concerned that it may be a cyberattack after the company remains silent on the cause of the issues. Ingram Micro customers ...
3 months ago Bleepingcomputer.com
Embracing Sustainability: Embark on the Journey to a More Sustainable Future! - Sustainability isn't just about protecting the planet for future generations. It's also about preserving the delicate balance that allows life to thrive today and tomorrow. In a world where environmental concerns are growing more urgent with each ...
1 year ago Feedpress.me
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 year ago Aws.amazon.com
IT Giant Ingram Micro Restores Operations Following Ransomware Attack - The attack, first identified on July 5, 2025, represents one of the most notable ransomware incidents affecting a major technology distribution company this year, highlighting the sophisticated nature of modern cyber threats targeting critical supply ...
2 months ago Cybersecuritynews.com
IT Gain Ingram Micro Internal Systems Hit by Ransomware Attack - The ransomware attack appears to have targeted the company’s internal operational systems, potentially including enterprise resource planning (ERP) platforms, customer relationship management (CRM) databases, and supply chain management ...
3 months ago Cybersecuritynews.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com LockBit
IT company Ingram Micro says ransomware targeted internal systems | The Record from Recorded Future News - Cybersecurity expert Rebecca Moody said her team at research firm Comparitech has tracked 238 attacks by the SafePay group, including recent incidents affecting government technology contractor Conduent and British tech company Microlise. The company ...
3 months ago Therecord.media
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
1 year ago Unit42.paloaltonetworks.com Medusa
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
1 year ago Helpnetsecurity.com
SafePay Ransomware Claiming Attacks Over 73 Victims - SafePay ransomware has emerged as a significant threat in the cybersecurity landscape, reportedly targeting over 73 victims with its malicious campaigns. This ransomware strain encrypts victims' data and demands hefty ransoms for decryption keys, ...
1 month ago Cybersecuritynews.com SafePay
Targeting homeowners' data - As these companies obtain a large amount of sensitive information from their customers, they become attractive targets for ransomware gangs to conduct double-extortion attacks. Finland is also warning of Akira ransomware increasingly targeting ...
1 year ago Bleepingcomputer.com LockBit Akira
Cactus ransomware claim to steal 1.5TB of Schneider Electric data - The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company's network last month. 25MB of allegedly stolen were also leaked on the operation's dark web leak site today as proof of the threat actor's ...
1 year ago Bleepingcomputer.com LockBit Cactus
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
1 year ago Feeds.fortinet.com 8base
How ransomware gangs are engaging - As ransomware gangs continue to market themselves as legitimate businesses complete with customer service representatives, new research from Sophos showed that threat actors are expanding public relations efforts to further pressure victims into ...
1 year ago Techtarget.com LockBit Snatch
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
1 year ago Feeds.fortinet.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
1 year ago Bleepingcomputer.com LockBit Akira Noescape
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
1 year ago Bleepingcomputer.com Medusa Cuba STORMOUS
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
1 year ago Bleepingcomputer.com LockBit Inc ransom Black Basta

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)