"More than six months after a ransomware attack, Ingram Micro has announced how many people have been affected. The data breach affected more than 42,000 individuals, including employees and job applicants, whose personal data was stolen between July 2 and July 3, 2025. On July 3, 2025, the IT distributor discovered that an unauthorized third party had stolen files from internal storage systems. The company went offline that day and immediately launched an investigation with cybersecurity experts."
"SafePay ransomware group claimed responsibility The attack was carried out by the SafePay ransomware group, a relatively young but fast-growing cybercriminal organization. SafePay claimed to have stolen 3.5 terabytes of data and posted Ingram Micro on their darknet site. By May 2025, the group had already carried out 70 attacks, accounting for 18 percent of all measured compromises in that month."
"According to their own statements, the attackers used GlobalProtect, Ingram Micro's VPN solution, as their access route. The company is said to have implemented security configurations incompletely, giving criminals ample time to explore the systems. Ingram Micro is offering two years of free credit monitoring and identity protection services to affected employees and job applicants. The company advises those affected to remain vigilant by checking their bank statements and using free credit reports."
More than 42,000 individuals, including employees and job applicants, had personal data stolen between July 2 and July 3, 2025. On July 3 the IT distributor discovered an unauthorized third party had stolen files from internal storage systems, went offline, launched an investigation with cybersecurity experts, proactively took systems offline, and notified police. Stolen information included names, contact details, dates of birth, social security numbers, driver's license and passport numbers, and work-related records such as performance reviews; the specific data affected varied by person. The SafePay ransomware group claimed responsibility, stating 3.5 terabytes were taken and posting data on a darknet site. The attackers reportedly used GlobalProtect VPN access and exploited incomplete security configurations. Ingram Micro offered two years of free credit monitoring and identity protection and advised affected people to monitor bank statements and credit reports.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]