‘Our teams are now able to process and ship orders received via EDI, or electronically, as well as by phone or email across all of our business regions,’ according to an Ingram Micro statement.
Ingram Micro Wednesday said it can once again process and ship orders received electronically across all of its business regions following a ransomware attack that had downed its systems for days, leaving some solution providers clambering to source products elsewhere.
“Our teams are now able to process and ship orders received via EDI, or electronically, as well as by phone or email across all of our business regions,” the Irvine, Calif.-based company posted on a status page that it has used to give a blow-by-blow of its efforts to combat a ransomware attack.
That follows updates posted Tuesday that said the ransomware incident had been “remediated” with the help of a third-party cybersecurity vendor and that partners could now place orders via email and phone.
“We believe the unauthorized access to our systems in connection with the incident is contained and the affected systems remediated,” the company posted late Tuesday. “Our investigation into the scope of the incident and affected data is ongoing.”
CRN has reached out to Ingram Micro for additional comment.
Ingram Micro was hit by a ransomware attack associated with the cybercriminal group known as SafePay, according to BleepingComputer, which reported that the distributor’s ordering systems had been down since July 3.
Ingram Micro, which at $48 billion is the second-largest IT distributor in the world, disclosed the attack late on July 5 via a statement that said it was “working diligently to restore the affected systems so that it can process and ship orders” and apologized for the “disruption.”
In the wake of the dayslong ordering outage, some Ingram Micro partners had increasingly become frustrated with how long it was taking to restore systems. Solution providers said they began noting problems with Ingram Micro’s site roughly two days before the company reported anything was amiss.
Jason Slagle, CEO of Toledo, Ohio-based MSP CNWR, told CRN Wednesday he is glad to hear that the Ingram Micro recovery from the ransomware attack is starting.
That said, Slagle said he is feeling the cash pinch as projects that can’t wait are now being supplied through other distributors.
“I only have terms with IM [Ingram Micro] now and they’re my primary distributor,” he said. “We’ve also had to go to other [distributors] where we can’t wait and prepay stuff. The world won’t end, but it hurts managing cash flow. This has prevented us from maximizing savings on things like shipping. I feel for Ingram, but they have dropped the ball on this.”
For years now, Slagle has worked with several vendors in the MSP community around maturing their security practices. He has by turns badgered and praised software tool providers like ConnectWise and Kaseya as those platforms grappled with security incidents and their leadership learned from mistakes to better communicate about them with MSPs.
“At this point, I presume most companies will experience [a security incident] at some point. It’s 100 percent how you respond,” he told CRN. “Generally sticking your head in the sand and pretending nothing happened, or refusing to say anything, is a bad look.”
Steven Burke contributed to this story.
