A ransomware attack has severely disrupted Ingram Micro’s services. The perpetrators are demanding ransom from the company.
Ingram Micro joins the illustrious and long list of companies that have fallen victim to ransomware. The company announced this Sunday morning with a brief statement. In it, Ingram Micro acknowledges that it “encountered ransomware on internal systems” and that it has taken measures.
Ingram Micro is gradually recovering from the incident. It is resuming operations in countries including Germany, Spain, Italy, France, and the United States. Other markets are not specifically mentioned. Passwords, MFA security, and VPN access have been restored for employees.
Services Disrupted
Ingram Micro is a distributor of IT services that operates globally, including in Europe. Last week, reports came in that the company’s services were severely disrupted. Local websites are down and customer service and partner platforms have also been restricted. According to sources from The Register, employees were sent home with instructions to keep their laptops offline to prevent further spread.
After several days of chaos, the IT distributor has now come forward with an official message. Ingram Micro is not providing much more information than that mitigating measures have been taken and external experts have been brought in for further investigation. Customers and partners receive an apology for the inconvenience.
SafePay
The suspected perpetrators have made themselves known. The SafePay group claims responsibility for the attack, according to a threatening letter made public via BleepingComputer. An incorrect network configuration allegedly opened the doors. “Consider it paid training for your system administrators”, the letter says mockingly.
The attackers allegedly have purely economic motives and give Ingram Micro seven days to meet their demands. SafePay first surfaced at the end of 2024, but is rapidly claiming victims. 220 attacks have already been attributed to SafePay, making it one of the most active gangs at the moment.
This article originally appeared on July 7 and has been updated with the latest information.