The SafePay Ransomware gang is threatening to leak 3.5TB of IT information, which is alleged to have been stolen from the corporate’s compromise system earlier this month.
Ingram Micro is likely one of the world’s largest inter-business service suppliers and know-how distributors, providing a variety of options to resellers and managed service suppliers around the globe, together with {hardware}, software program, cloud providers, logistics and coaching.
BeleepingComputer first reported on July 5 that SafePay was behind the incident, however the Ransomware gang didn’t declare accountability for the assault till earlier this week that it added the Tech big to a darkish internet leak portal.
SafePay Ransomware was a privately run that surfaced in September 2024, and has since added greater than 260 casualties to the leak web site. Nonetheless, the precise quantity might be massive, as solely victims who do not pay are listed.
It is usually recognized to steal delicate paperwork earlier than encrypting the sufferer’s system if the ransom shouldn’t be paid, and threaten to leak this stolen information to the darkish internet.
For the reason that starting of the 12 months, SafePay has develop into one of the vital lively ransomware teams, filling the hole left by Lockbit and Blackcat (Alphv) ransomware.
As BleepingComputer reported earlier this month, Ingram Micro additionally suffered a world outage attributable to a SafePay ransomware assault.
Since then, BleepingComputer has discovered that the corporate has been working to revive VPN entry to workers, and can also be performing company-wide passwords and multifactor authentication (MFA) resets.
Ingram Micro recovered shortly from the incident, and inside days it was capable of get better most of the inside methods and platforms affected by the assault, rising entry to the ordering system for workers.
“Ingram Micro experiences that we presently function in each nation and area the place we commerce our enterprise. Our staff continues to carry out at a speedy tempo to serve and help our prospects and vendor companions,” Ingram stated. Micro introduced It was solely 4 days after revealing the assault.
Nonetheless, the corporate has not but confirmed whether or not the SafePay ransomware is behind the violation and whether or not the attacker stole information from the compromised system.
A microspokesman for Ingram couldn’t instantly remark when BleepingComputer contacted him about extra particulars earlier at present.
