Ransomware Group Claims Cyber Breach of Xerox Subsidiary
After Xerox cybersecurity personnel discovered the breach, they brought in third-party experts to investigate.
Xerox Business Solutions, a subsidiary of Xerox, experienced a "cyber security incident," according to a press release from the company.
The cyber incident's scope was limited to XBS in the US and has now been contained after initially being discovered by Xerox cybersecurity personnel.
Xerox Corp. makes office and production printers, projectors, scanners, and a variety of other office equipment.
Though Xerox said neither XBS nor Xerox corporate data and operations were impacted, an investigation by a third-party cybersecurity firm has led Xerox to believe that personal information was accessed in the breach.
The company has not released any information as to who the threat actors were, but ransomware gang INC Ransom added Xerox to its list of victims on X, formerly known as Twitter.
"While it remains unclear whether Xerox is in negotiations with INC Ransom, the removal of their leaked documents implies ongoing discussion may be taking place. Given that data exfiltration claims were made by the ransomware group, the company is likely scrambling to safeguard not only themselves but their customers," noted Darren Williams, CEO and founder of BlackFog, in an emailed statement to Dark Reading. "Negotiating with cybercriminals is highly discouraged and should be avoided at all costs."
Xerox said it plans to notify all individuals whose personal information had been compromised in the breach.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024