Skip to main content
close search
site logo

Ingram Micro restores global operations following hack

The company is still assessing the full impact of the ransomware attack, which has been linked to the SafePay hacker group.

Published July 10, 2025
David Jones's headshot
Reporter
close up programmer man hand typing on keyboard laptop for register data system or access password at dark operation room , cyber security concept - stock photo
Chainarong Prasertthai via Getty Images

Ingram Micro late Wednesday said that it has restored operations to all parts of the globe where it does business, following a ransomware attack that led to a multiday disruption. 

The Irvine, Calif.-based technology firm said its teams are still working with customer and vendor partners to help support them following the disruption. 

The company on Saturday confirmed it was investigating a ransomware attack that disrupted its ability to process orders. It operates a digital platform called Ingram Micro Xvantage, which provides customers with insights, order tracking, pricing and other information. 

A cybercrime group dubbed SafePay has claimed responsibility for the attack, but it remains unclear how much data they stole and the number of customers the hack affected.

SafePay has transformed into one of the most active ransomware groups in the world and has been linked to more than 200 victims, according to researchers at Acronis

The group, believed to have spun out of LockBit,  has targeted managed service providers and a range of small- to medium-sized businesses across various sectors, according to Acronis.

Ingram Micro declared the incident contained on Tuesday and said it was continuing to investigate the scope of the impact. It filed an incident disclosure with the Securities and Exchange Commission on Monday. 

The company has been working with law enforcement and third-party forensic experts on the investigation

Filed Under: Cyberattacks, Threats

Editors' picks

Company Announcements

View all | Post a press release
Lab 1 unveils industry-first capability to safely preview exposed files from data breaches
From Lab 1
July 10, 2025
Lab 1 logo
Blackpoint Cyber Appoints Gagan Singh to Chief Executive Officer and Names Jon Murchison Execu…
From Blackpoint Cyber
June 23, 2025
Blackpoint Cyber logo
AAMCO Data Breach Investigation
From Migliaccio & Rathod LLP
June 25, 2025
Cybercriminals Target Legal Sector, NINJIO Reports
From NINJIO
June 26, 2025
NINJIO logo
Editors' picks
Latest in Cyberattacks
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.