On July 5, 2025, Ingram Micro, an IT distribution and services company, experienced a major ransomware attack that disrupted operations across its worldwide network. The data breach is believed to have compromised personally identifiable information (PII) such as personnel files, customer records, and bank details.
The ransomware group known as SAFEPAY claimed responsibility for the breach, stating they had infiltrated Ingram Micro’s internal systems. According to the attackers, they were able to maintain prolonged access, exfiltrating approximately 3.5 terabytes of sensitive company data before encrypting files and locking vital servers.
Ingram Micro disclosed the data breach to the U.S. Securities and Exchange Commission (SEC) on July 5, 2025. The company also set up a cybersecurity incident response page on its own website the same day.
According to disclosures on the Ingram Micro website, it took the company multiple days to completely restore business operations after the cyberattack was discovered. Exposed information may include names, dates of birth, Social Security numbers, employee records, customer account numbers, purchase history, and payment or financial information.
Ingram Micro’s response
After discovering the attack on its internal systems, Ingram Micro took action to secure its network and notified law enforcement. The company will notify affected individuals once a review is complete.
If you receive a data breach notice from Ingram Micro, you may want to:
- Sign up for the free credit monitoring services, if offered.
- Monitor your credit reports and financial accounts for any unusual activity.
- Be alert for phishing emails or phone calls that may use your exposed information.
- Consider placing a fraud alert or credit freeze with major credit bureaus.
More information about the company can be found on the Ingram Micro website.
Protect Your Data
A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.
This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.
