Ingram Micro, one of the world’s largest IT distributors, is facing a data leak threat from the SafePay ransomware group almost a month after the initial attack. The SafePay group has claimed to have stolen 3.5TB of data from the company and listed Ingram Micro on its dark web leak site, threatening to release the data unless the distributor pays the ransom.
The attack first came to light on July 5, 2025, when Ingram Micro disclosed it had to take systems offline over the weekend. The company worked with cybersecurity experts to investigate and contain the incident, implementing additional safeguards while restoring affected systems. By July 9, Ingram Micro announced that global operations had been restored across all regions.
However, SafePay’s threat to leak data suggests that Ingram Micro chose not to pay the ransom demand. Peter King, a cybersecurity consultant, noted this follows an established pattern where threat actors use leak threats to pressure victims into paying. The 3.5TB of allegedly stolen data raises concerns about how the attackers gained access to such a large volume of information from a major channel company.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: