Ingram Micro is experiencing a significant outage caused by a SafePay ransomware attack that affected its internal systems. The attack likely exploited vulnerabilities in their GlobalProtect VPN, impacting services like the Xvantage distribution platform. #SafePay #IngramMicro #VPNsecurity
Keypoints
- The outage at Ingram Micro was caused by a SafePay ransomware attack discovered early Thursday morning.
- Employees found ransom notes on their devices, although itβs unclear if data was encrypted.
- The threat actors likely breached the company via its GlobalProtect VPN platform using compromised credentials.
- Internal systems such as the Xvantage distribution platform and Impulse license platform were affected, while others remain operational.
- SafePay is a relatively new ransomware operation, mainly breaching networks through VPN vulnerabilities and credential theft.