Ingram Micro shuts down systems following significant ransomware attack

Ingram Micro, an American distributor of information technology products and services, recently reported a significant data security incident that forced the company to take its website and other critical systems offline.

 

Based in Irvine, California, Ingram Micro is a global leader in technology and supply chain services. Serving as a distributor and wholesaler, it connects top tech brands, such as Acer, Apple, Cisco, HP, IBM, Lenovo, Microsoft, and Samsung, with businesses worldwide, supporting the distribution and marketing of their products.

 

In a data security incident notice published on its website, on July 5, Ingram Micro said that it was a victim of a  ransomware attack, where threat actors breached its internal network, encrypted critical systems and stole confidential data.

 

The company immediately launched an investigation, with assistance from external cyber security experts, to determine the scope of the incident. Ingram Micro also took steps to secure the affected systems, including proactively taking certain systems offline and notified relevant law enforcement authorities about the same.

 

In a separate update, on July 7, Ingram Micro said that it has made significant progress in restoring its transactional business.

 

“Subscription orders, including renewals and modifications, are available globally and are being processed centrally via Ingram Micro’s support organisation. Additionally, we are now able to process orders received by phone or email from the UK, Germany, France, Italy, Spain, Brazil, India, China, Portugal and Nordics. 

 

“Some limitations still exist with hardware and other technology orders, which will be clarified as orders are placed,” Ingram Micro said.

 

While the company did not disclose who was behind the ransomware attack, BleepingComputer reported that the SafePay ransomware group claimed responsibility. In fact, the group sent a ransom note to the company, demanding payment and giving a one-week deadline. If the company failed to meet their demands, the hackers threatened to leak the stolen data.