Malware
Xerox Reveals Subsidiary XBS U.S. Suffers Massive Data Breach Following Ransomware Gang Attack
Xerox has reported a security breach at its subsidiary, XBS US. The ransomware gang REvil leaked sensitive data, including IP addresses and accounting details. Xerox is investigating the incident and has implemented security measures to prevent further unauthorized access to its systems.
Imagine waking up to find that your private and sensitive information has been exposed due to a security breach. Unfortunately, that’s what happened to the U.S. division of Xerox Business Solutions (XBS) recently. Hackers managed to infiltrate their system, and as a result, a limited amount of personal information was possibly exposed, according to a statement by Xerox Corporation.
What Does XBS Do?
XBS is a company that specializes in document technology and services. They provide a wide range of products, such as printers, copiers, digital printing systems, as well as consultation and supply services. It’s a one-stop-shop for all your business document needs. Sadly, even a company like this is not immune to cyberattacks.
The Cybersecurity Incident
The INC Ransom ransomware gang targeted XBS and added the company to its extortion portal on December 29. They claimed to have stolen sensitive data and confidential documents from XBS’s systems. After learning about the security incident, Xerox issued a statement saying that the event was limited to XBS U.S. and was detected and contained by their cybersecurity personnel.
Working alongside third-party cybersecurity experts, Xerox is conducting a thorough investigation into the incident and taking necessary steps to further secure the XBS IT environment. Thankfully, the attack has had no impact on Xerox’s or XBS’ operations. However, a preliminary investigation has indicated that limited personal information was exposed in the attack.
What Was Exposed?
The data samples shared by the hackers on the INC Ransom data leak site reveal email communications (including content and addresses exposed), payment details, invoices, filled-out request forms, and purchase orders. At this stage, the extent of the breach remains unknown. The threat actors may hold data on multiple XBS clients, partners, and employees.
Xerox has assured that they will notify all affected individuals confirmed to have been impacted by this incident. Interestingly, the Xerox entry has been removed from INC Ransom’s leak portal for unknown reasons, which could indicate resumed negotiations between the victim and the threat actors.
Not the First Time
Unfortunately, this is not the first time Xerox has faced a ransomware attack. Back in the summer of 2020, the Maze ransomware group targeted the company and threatened to publish over 100GB of stolen data.
Stay Informed and Stay Safe
As security breaches become more and more common, it’s essential to stay informed and take necessary precautions to protect your valuable information. Keep coming back to learn more about the latest cybersecurity threats and how to protect yourself and your business. Don’t let yourself be the next victim of a cyberattack.