Particle.news

Download on the App Store

SafePay Sets August Deadline to Leak 3.5 TB of Ingram Micro Data

Despite restoring global operations after the attack, Ingram Micro has not updated its incident page or confirmed any data theft attribution.

Image
Image

Overview

  • The SafePay ransomware group added Ingram Micro to its dark web leak portal on July 29 with an August 1 deadline to publish 3.5 TB of allegedly stolen data.
  • Ingram Micro completed a company-wide password and multi-factor authentication reset and restored its core business operations by July 9.
  • Some regional sites, including the META security portal, have been brought back online, but parts of the distributor’s infrastructure remain inaccessible.
  • The company’s public incident page has not been revised since its July 9 restoration announcement and it has yet to acknowledge SafePay’s responsibility.
  • Since emerging in September 2024, SafePay has targeted over 260 victims through double extortion, filling the gap left by groups such as LockBit and BlackCat.