ingrammicro.com
ingrammicro.com
Group: Safepay
Discovered by ransomware.live: 2025-07-29
Estimated attack date: 2025-07-29
Country:
Description:
[AI generated] Ingram Micro is a global technology and supply chain services provider. The company, established in 1979, offers a broad range of solutions and services to businesses around the globe, including cloud, mobility, supply chain, and technology solutions. It serves markets including IT, telecommunications, consumer electronics, and others.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 112
Compromised Users: 10360
Third Party Employee Credentials: 364
External Attack Surface: 161
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse key-systems.net
- abusereport key-systems.net
- info domain-contact.org
MX Records
- mx0b-0021cb01.pphosted.com.
- mx0a-0021cb01.pphosted.com.
TXT Records
- figma-domain-verification=d5ec9de77f3acd26ae707750d4a00f5c0c161165c72b7ca5f189981a6f22e294-1733417104
- dropbox-domain-verification=198qppywlg4l
- dropbox-domain-verification=9q0h16zyatwl
- _j7w5i0c7vl2wrqrqs8bn2gl8oqi6nk1
- docusign=950f3aeb-adf4-4ed9-a83d-5cc1b2d7196f
- _olzqztten6vkkqwje0004ej0g1ugp49
- _8qr8hg66wtciw7oelh2lhuc2t3ma7gv
- _l0kkbdq9yqjj3n71rslfqjc3h8tbtcz
- traction-guest=9bcca760-1607-4774-af0e-af294d5e1321
- vmware-cloud-verification-023dc71b-0a4a-43c0-8412-6361d1a64ee3
- _gshg1m5ovj9qu54t3n0qe3ejo9f0roa
- _c5e7c7ajmu3lhkx89utoz6uo31rtxys
- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCEWBG8HF1p2F1oBhqRfIc5gpGhS7J2AaVd0/PE8ILnm5LsBKRVUuQOGghu5qOWtTwCBiJubtRWS2YMbkNNQMB2Ykjy7ZHDwYZ2ACzokle9kYnbww2cv66uFkDrm6kOXB7Ee471/Eo5b+Irlp6MTlMjVjfWmOPAZzelxyMUakLjiwIDAQAB
- v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
- _aojed26k2zt97n71ymdpflues2h20bp
- facebook-domain-verification=68gb13903yfa032g1hvoi9or68efqh
- docker-verification=07ec3c3d-7cac-44f2-8193-8eece3af0cae
- atlassian-domain-verification=0BEP3SAajmOlV9QqKLkYeibAvoDki0tAOgz/fDoj74x5zw47f73GFVr1WYyJCYgo
- EtdwHYRJ3ww/fHw6JG3+nGXZpCJAa8s5TfUOXByUbLaL7bcIr3aTDcDvSqhRLV502J6GvUVOoaa3wtde7/zsLw==
- miro-verification=1f063abc162fa427a5c7ac6ed3433a7eeea2bc65
- dropbox-domain-verification=086jlfgetx5l
- teamviewer-sso-verification=fa21f7d5f0f24467a361a1375fdf7456
- V6chhU3s/iMHfuzNRiloW2TWZbHzx07IYMPwz+yskuGJNmj3woZDf/RQvGg0jnugJwKj5fAIZlb2qprGBtA4qA==
Cloud / SaaS Services Detected
Atlassian
Box
Dropbox
Miro
Teamviewer
DocuSign
Proofpoint
Leak Screenshot:
