Ingram Micro, a major IT service provider, has confirmed a ransomware attack on its internal systems, leading to a global outage affecting websites and operations since July 3rd . The company has taken systems offline, launched an investigation with cybersecurity experts, and notified law enforcement . Ingram Micro is working to restore systems and apologizes for disruptions to customers and partners .
The Ingram Micro outage started on July 3rd, impacting its websites and internal systems . Customers were unable to place orders, and employees were reportedly locked out of various internal systems . The disruption began when the company's main website, ingrammicro.com, went offline .
The SafePay ransomware crew has taken responsibility for the attack . According to Bleeping Computer, SafePay claims it exploited "a number of mistakes" Ingram made "in setting up the security of your corporate network, so we were able to spend quite a long time in it and compromise you" . The group reportedly entered Ingram's systems via its GlobalProtect VPN platform .
Ingram Micro issued a formal statement confirming the ransomware attack . The company said it had taken immediate steps to secure its systems and launched an investigation with the help of leading cybersecurity experts .
Among systems impacted are Ingram's flagship AI-powered Xvantage platform and the Impulse license provisioning platform . Xvantage uses AI to automate quote creation, order management and real-time tracking .
The outage has caused significant disruption for resellers and enterprise clients . Fluid Designs, a business client, reported being unable to place or track orders and criticised what it described as poor communication from Ingram in the aftermath of the attack . Several Fortune 500 companies are now moving parts of their procurement operations to rival distributors such as TD Synnex .
Industry analysts estimate that Ingram Micro could face daily revenue losses of up to $136 million while systems remain offline .
SafePay was the most active ransomware crew in the world in May, with 70 attacks linked to the gang and its affiliates that month .
Ingram Micro is working diligently to restore the affected systems so that it can process and ship orders, and the Company apologizes for any disruption this issue is causing its customers, vendor partners, and others .