Ingram Micro says it is working to restore systems after publicly acknowledging that it has suffered a ransomware attack.
The distribution giant last night confirmed it had “recently identified ransomware on certain of its internal systems”. It said it has also launched an investigation and notified law enforcement.
The acknowledgement comes following a report by Bleeping Computer claiming that Ingram’s ongoing outage was caused by a SafePay ransomware attack.
Ingram’s website has been down since Thursday. Until as recently as yesterday, visitors were greeted with a maintenance page informing them “we are currently experiencing technical difficulties” – although this has now been updated to the below.
According to a report by The Register, MSPs had complained about not being able to place orders or manage their customers’ services.
Ingram is the world’s second-largest IT distributor behind only TD Synnex. Having moved back into public ownership last October, the NYSE-listed outfit is aggressively repositioning itself as a ‘platform company’.
In a statement, Ingram said:
Ingram Micro recently identified ransomware on certain of its internal systems. Promptly after learning of the issue, the Company took steps to secure the relevant environment, including proactively taking certain systems offline and implementing other mitigation measures. The Company also launched an investigation with the assistance of leading cybersecurity experts and notified law enforcement.
Ingram Micro is working diligently to restore the affected systems so that it can process and ship orders, and the Company apologizes for any disruption this issue is causing its customers, vendor partners, and others.
