- Ingram Micro suffered a July 2025 ransomware attack affecting 42,521 individuals
- Stolen data included personal identifiers and employment records, varying by individual
- SafePay claims responsibility, alleging theft of 3.5TB; ransom demand likely millions
IT giant Ingram Micro has disclosed that it experienced a ransomware attack resulting in the loss of sensitive data for tens of thousands of individuals.
In a recent report submitted to the Maine Attorney General’s Office, along with data breach notification letters sent to those affected, Ingram Micro stated that it detected a cyber-intrusion in July 2025 and initiated an investigation:
"On July 3, 2025, we detected a cybersecurity incident involving some of our internal systems. We quickly launched an investigation into the nature and scope of the issue. Based on our investigation, we determined that an unauthorized third party took certain files from some of our internal file repositories between July 2 and 3, 2025," the letter states.
Thousands of Victims
The affected files include employment and job applicant records that contain personal information such as names, contact details, dates of birth, government-issued identification numbers (like Social Security, driver's license, and passport numbers), and certain employment-related information (such as work evaluations).
In the filing, Ingram Micro confirmed that exactly 42,521 individuals were impacted, with the stolen data varying for each person.
To address the breach, the company took standard measures: it launched an investigation with the help of a third-party security firm, notified law enforcement and relevant authorities, alerted affected individuals, and offered free credit monitoring and identity theft protection services for two years.
While the company did not disclose the identity of the threat actors, BleepingComputer reported that SafePay claimed responsibility shortly after the attack. The group stated on its dark web leak portal that it stole 3.5TB of sensitive documents from Ingram Micro. We could not independently verify these claims, nor do we know the ransom amount SafePay demanded for the return of the stolen data.
Given Ingram Micro's status as a B2B giant with over 160,000 customers, it is reasonable to assume that the ransom demand may have reached millions.