Ingram Micro, a leading global IT distributor, is grappling with a widespread outage that has rendered its internal systems and customer-facing portals inaccessible for over 48 hours. The disruption, which began early Thursday, July 3, has significantly impacted the company’s ability to process orders, manage service licenses, and support its vast network of partners and customers worldwide.
Scope and Impact
The outage affects all major Ingram Micro web portals and internal systems. Customers attempting to access these platforms are met with maintenance notifications or access-restricted messages. As a result, managed service providers (MSPs) and resellers are unable to order essential hardware, software, or backup licenses—interrupting critical IT supply chains and service delivery.
Communication from Ingram Micro has been limited. Many customers have expressed frustration over the lack of timely updates or guidance. Attempts to reach support teams via phone or email have largely been unsuccessful, with some users receiving only automated responses. In certain regions, such as Ingram Micro’s Bulgaria service center, employees have reportedly been sent home and instructed to disconnect their work devices, suggesting a comprehensive internal shutdown.
Possible Causes
While Ingram Micro has not officially disclosed the cause of the outage, the scale and nature of the disruption have led to speculation of a cyberattack, potentially involving ransomware. The extended downtime, inaccessibility of internal systems, and instructions for staff to disconnect devices are consistent with the typical response to a significant security incident. However, as of this writing, there is no official confirmation from Ingram Micro regarding the cause.
Company Response
To date, Ingram Micro has issued only a generic maintenance message on its websites, apologizing for the inconvenience and stating that teams are working to resolve the issue. No estimated timeline for restoration or further details have been provided.
Business Context
Ingram Micro employs approximately 24,000 people worldwide and generated $48 billion in revenue in 2024. The current outage is disrupting global IT supply chains and service delivery for numerous businesses that rely on the distributor’s products and services.
Summary Table: Ingram Micro Global Outage (July 2025)
| Aspect | Details |
|---|---|
| Start Time | July 3, 2025 (Thursday morning, UTC) |
| Systems Affected | Websites, customer portals, internal systems, phone/email support |
| Customer Impact | Unable to place orders, manage licenses, or contact support |
| Employee Impact | Staff sent home, told to disconnect laptops in some regions |
| Suspected Cause | Unconfirmed; speculation of cyberattack or ransomware |
| Company Statement | Generic maintenance message; no official cause or ETA provided |
| Duration | Ongoing, more than 48 hours as of July 5, 2025 |
UPDATE: JULY 5, 2025
Ingram Micro Hit by Major Outage Following SafePay Ransomware Attack
Ingram Micro, the world’s largest IT distributor, is grappling with a significant global outage after falling victim to a ransomware attack orchestrated by the notorious SafePay group. The incident, which began early Thursday, July 3, has brought the company’s websites, customer portals, and critical internal systems to a standstill, disrupting operations for countless partners and clients worldwide.
Sources close to the situation have confirmed that the outage was triggered by a ransomware attack linked to the SafePay group. Employees, particularly at Ingram Micro’s service center in Bulgaria, discovered ransom notes on their devices, a hallmark of SafePay’s operations. In response, staff were instructed to turn off their laptops and disconnect from internal systems—standard protocol to contain the spread of ransomware.
The Attack and Its Impact
SafePay, a ransomware group that emerged in late 2024, has quickly gained notoriety for targeting large organizations with a double extortion strategy: encrypting files and threatening to leak stolen data unless a ransom is paid. The group is known for exploiting vulnerabilities in VPN gateways, and in this case, it is believed that Ingram Micro’s GlobalProtect VPN platform may have been the entry point.
The attack has had a sweeping impact:
- Websites and Portals: Ingram Micro’s main website and partner/customer portals have been offline for over two days.
- Critical Platforms: Xvantage and Impulse, essential for order placement and license provisioning, are inaccessible.
- Customer Operations: MSPs and resellers are unable to manage or provision Microsoft 365 licenses or order hardware, causing widespread disruption.
- Internal Communication: Employees have been told to refer to the incident as “technical difficulties,” and no official public statement has been made regarding the ransomware attack.
