Cyber Incident Victim: Ingram Micro

On July 5, 2025, Ingram Micro Holding Corporation publicly disclosed a cybersecurity incident involving ransomware detected on certain internal systems. The Irvine, California-based technology distributor stated it identified the ransomware intrusion recently, though no specific detection date was provided. Upon discovery, the company immediately implemented containment measures by securing the affected environment. These actions included proactively taking unspecified systems offline to prevent further spread of the ransomware and deploying additional mitigation measures. Ingram Micro simultaneously initiated a formal investigation with assistance from unnamed leading cybersecurity experts and notified relevant law enforcement agencies about the breach. The company did not disclose technical details about the ransomware variant, initial attack vector, or duration of system compromise prior to detection in its public statements.

The incident caused a significant system outage impacting core business operations, particularly order processing and shipping capabilities. Ingram Micro acknowledged the disruption affected customers, vendor partners, and other stakeholders, issuing a public apology while emphasizing diligent restoration efforts. No information was provided regarding data exfiltration, ransom demands, or financial impact. The company maintained focus on recovery operations without specifying timelines for full system restoration or detailing the scope of affected infrastructure beyond references to "certain internal systems." Throughout its communications, Ingram Micro reiterated its collaboration with cybersecurity professionals and law enforcement while withholding technical specifics about attacker methodologies or compromised assets. Business continuity implications remained centered on operational disruptions to order fulfillment rather than disclosed impacts to financial systems, customer data, or cloud service platforms.