Ingram Micro experienced a significant ransomware attack in July 2025, which compromised the personal data of 42,521 employees and job applicants. The company confirmed the breach through a filing with the Maine attorney general, revealing that the attack occurred on July 2. Ingram detected the intrusion the following day and took immediate action by shutting down systems to contain the damage. The exposed data included names, contact details, dates of birth, and sensitive identity document numbers, along with employment-related information. The ransomware group SafePay claimed responsibility for the attack, reportedly stealing 3.5 terabytes of data. Ingram faced operational challenges following the breach, with some sources indicating that managed services were disrupted and staff at regional offices were sent home. Although Ingram Micro resumed some operations within days, the attack had a notable financial impact, given the company’s daily revenue of about $190 million. Customers expressed frustration over the lack of communication during the incident, highlighting that updates were hard to find until The Register intervened. SafePay demanded an undisclosed ransom by July 31, but after the deadline, they claimed to have published the stolen data, though the download link was non-functional. Ingram Micro's response to inquiries about the attack has been limited, but they acknowledged the ransomware involvement in a statement. The situation underscores the significant risks and repercussions businesses face from cyberattacks.