Ingram Micro, one of the world’s largest tech distributors, has confirmed a ransomware attack on its systems. The company identified the issue on July 3 and took steps to secure the affected environment. A leading cybersecurity expert, Graham Cluely of Fortra, warned that SafePay, a notorious ransomware crew, is known for exploiting vulnerabilities in VPN or RDP credentials.
According to Ingram Micro, the attack has caused significant disruption to its services, including the inability to process orders and manage Microsoft 365 and Dropbox licenses. The company apologized for any inconvenience caused and is working diligently to restore affected systems.
The SafePay crew claimed responsibility for the attack, citing misconfigured network security as the reason for their access. They have demanded payment in exchange for restoring data and unlocking servers. Ingram Micro has seven days to negotiate with the attackers.
This is not a politically motivated attack, but rather a ransomware gang seeking money. Experts advise organizations to enforce multi-factor authentication on remote access points and disable unused RDP or VPN access entirely.
As one of the world’s largest tech distributors, Ingram Micro’s disruption to service is significant, with revenues of $48 billion in its prior financial year. The company has apologized for any disruption caused by the attack and is working to resolve the issue.
Source: https://www.theregister.com/2025/07/06/ingram_micro_confirms_ransomware_behind