The SafePay ransomware gang is threatening to leak 3.5TB of knowledge belonging to IT big Ingram Micro, allegedly stolen from the corporate’s compromised programs earlier this month.
Ingram Micro is among the world’s largest business-to-business service suppliers and expertise distributors, providing a variety of options to resellers and managed service suppliers worldwide, together with {hardware}, software program, cloud companies, logistics, and coaching.
Whereas BleepingComputer first reported on July 5 that SafePay was behind this incident, the ransomware gang did not declare accountability for the assault till earlier this week, when it added the tech big to its darkish net leak portal.
SafePay ransomware is a non-public operation that surfaced in September 2024 and has since added over 260 victims to its leak web site; nevertheless, the precise quantity is probably going bigger, as solely victims who do not pay are listed.
They’re additionally recognized for stealing delicate paperwork earlier than encrypting victims’ programs and threatening to leak this stolen information on the darkish net if a ransom isn’t paid.
For the reason that begin of the 12 months, SafePay has develop into some of the energetic ransomware teams, filling the hole left by LockBit and BlackCat (ALPHV) ransomware.
As BleepingComputer reported earlier this month, Ingram Micro additionally suffered a world outage attributable to the SafePay ransomware assault, with workers advised to work at home and the corporate’s web site and ordering programs taken offline.
Since then, BleepingComputer has discovered that the corporate has been engaged on restoring VPN entry to workers and has additionally carried out a company-wide password and multi-factor authentication (MFA) reset.
Ingram Micro rapidly recovered from the incident, restoring lots of the inner programs and platforms impacted by the assault inside days, permitting workers better entry to its ordering system.
“Ingram Micro is happy to report that we are actually operational throughout all nations and areas the place we transact enterprise. Our groups proceed to carry out at a swift tempo to serve and assist our clients and vendor companions,” Ingram Micro introduced simply 4 days after disclosing the assault.
Nonetheless, the corporate has but to substantiate that SafePay ransomware was behind the breach and whether or not the attackers stole information from its compromised programs.
An Ingram Micro spokesperson was not instantly out there for remark when BleepingComputer reached out for extra data earlier at this time.
CISOs know that getting board buy-in begins with a transparent, strategic view of how cloud safety drives enterprise worth.
This free, editable board report deck helps safety leaders current danger, influence, and priorities in clear enterprise phrases. Flip safety updates into significant conversations and quicker decision-making within the boardroom.
