Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack

Printing solutions giant Xerox over the weekend confirmed that its US-based subsidiary Xerox Business Solutions experienced a data breach.
The incident, the company says, was limited to Xerox Business Solutions US and was contained by its cybersecurity team.
While the attack did not affect Xerox's corporate systems and had no impact on the company's operations or data, the investigation launched into the matter determined that personal information was compromised.
To date the company has not provided details on whether the incident impacts clients, employees, or partners.
Xerox shared no details on the type of cybersecurity incident its subsidiary fell victim to, but the ransomware gang known as Inc Ransom was quick to claim responsibility for the attack.
On December 30, the group listed Xerox on its Tor-based leak site, posting screenshots of documents allegedly stolen from the company, as proof of intrusion.
Since then the entry was taken down, suggesting that Xerox might have engaged in communication with the attackers, to prevent the stolen data from being published online.
SecurityWeek has emailed Xerox for additional information on the attack and will update this article as soon as a reply arrives.

This Cyber News was published on www.securityweek.com. Publication date: Wed, 03 Jan 2024 12:13:24 +0000

Cyber News related to Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack

Xerox confirms 'security incident' at subsidiary The Register - Xerox has officially confirmed that a cyber baddie broke into the systems of its US subsidiary - a week after INC Ransom claimed to have exfiltrated data from the copier and print giant. Xerox Business Solutions, a subsidiary of Xerox, offers a range ...
1 year ago Go.theregister.com

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
4 months ago Aws.amazon.com

Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack - Printing solutions giant Xerox over the weekend confirmed that its US-based subsidiary Xerox Business Solutions experienced a data breach. The incident, the company says, was limited to Xerox Business Solutions US and was contained by its ...
1 year ago Securityweek.com

The Week in Ransomware - With it being the first week of the New Year and some still away on vacation, it has been slow with ransomware news, attacks, and new information. Last weekend, BleepingComputer tested a new decryptor for the Black Basta ransomware to show how it ...
1 year ago Bleepingcomputer.com

Xerox's US subsidiary Hit by Cyber Attack: Personal Info Exposed - Recently, Xerox's US subsidiary, Xerox Business Solutions, experienced a cyber incident, prompting immediate action from Xerox's cybersecurity personnel. While the specifics of the intrusion remain under investigation, initial reports indicate ...
1 year ago Cybersecuritynews.com

Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
1 year ago Securityboulevard.com

Xerox says subsidiary XBS U.S. breached after ransomware gang leaks data - The U.S. division of Xerox Business Solutions has been compromised by hackers with a limited amount of personal information possibly exposed, according to a statement by the parent company, Xerox Corporation. XBS specializes in document technology ...
1 year ago Bleepingcomputer.com

Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
1 year ago Securityzap.com

Ticketmaster confirms data breach impacting 560 million customers - MUST READ. Ticketmaster confirms data breach impacting 560 million customers. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a RansomHub attack. OmniVision disclosed a data breach ...
8 months ago Securityaffairs.com

Ransomware Group Claims Cyber Breach of Xerox Subsidiary - The cyber incident's scope was limited to XBS in the US and has now been contained after initially being discovered by Xerox cybersecurity personnel. Xerox Corp. makes office and production printers, projectors, scanners, and a variety of other ...
1 year ago Darkreading.com

After ransomware claims, Xerox says subsidiary hit with cyberattack - Xerox said a subsidiary is dealing with a cyberattack that may have involved the theft of personal information. Last week a ransomware gang named INC claimed it attacked the company - which earned over $7 billion in 2022 from selling printers in more ...
1 year ago Therecord.media

Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
11 months ago Bleepingcomputer.com

Evolve Bank data breach impacted fintech firms Wise and Affirm - MUST READ. Evolve Bank data breach impacted fintech firms Wise and Affirm. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
7 months ago Securityaffairs.com

Infosys McCamish Systems data breach impacted over 6M people - MUST READ. Infosys McCamish Systems data breach impacted over 6 million people. Keytronic confirms data breach after ransomware attack. City of Cleveland still working to fully restore systems impacted by a cyber attack. ABN Amro discloses data ...
7 months ago Securityaffairs.com

The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
1 year ago Bleepingcomputer.com

Prudential Financial data breach impacted over 2.5M individuals - Prudential Financial data breach impacted over 2.5 million individuals. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
7 months ago Securityaffairs.com

Yamaha Motor confirms ransomware attack on Philippines subsidiary - Yamaha Motor's Philippines motorcycle manufacturing subsidiary was hit by a ransomware attack last month, resulting in the theft and leak of some employees' personal information. "One of the servers managed by [.] motorcycle manufacturing and sales ...
1 year ago Bleepingcomputer.com

The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
9 months ago Bleepingcomputer.com

Ticketmaster sends notifications about recent massive data breach - Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company's Snowflake database, containing the data of millions of people. Last month, a threat actor known as ShinyHunters began selling stolen ...
7 months ago Bleepingcomputer.com

The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com

Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com

Toyota warns customers of data breach exposing personal, financial info - Toyota Financial Services is warning customers it suffered a data breach, stating that sensitive personal and financial data was exposed in the attack. Toyota Financial Services, a subsidiary of Toyota Motor Corporation, is a global entity with a ...
1 year ago Bleepingcomputer.com

Auto parts giant AutoZone warns of MOVEit data breach - AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks. AutoZone is the leading retailer and distributor of automotive spare parts and accessories in the U.S., operating ...
1 year ago Bleepingcomputer.com

Xerox Printer Vulnerabilities Enable Credential Capture - "Since LDAP and SMB settings on MFP devices typically contain Windows Active Directory credentials, a successful attack would give a malicious actor access to Windows file services, domain information, email accounts, and database systems," ...
2 days ago Darkreading.com

Latest Cyber News

Black Basta is latest ransomware group to be hit by leak of chat logs | The Record from Recorded Future News - 1 hour ago
CISA Releases 7 ICS Advisories Detailing Vulnerabilities & Exploits - 7 hours ago
Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors - 7 hours ago
SPAWNCHIMERA Malware Exploiting Ivanti Buffer Overflow Vulnerability By Applying A Fix - Cyber Security News - 8 hours ago
Chinese Hackers Using New Bookworm Malware In Attacks Targeting Southeast Asia - 8 hours ago
Google Released PoC Exploit for Palo Alto Firewall Command Injection Vulnerability - 11 hours ago
New Active Directory Pentesting Tool For KeyCredentialLink Management - 11 hours ago
Windows Wi-Fi Password Stealer Malware Found Hosted on GitHub - 13 hours ago
China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News - 13 hours ago
CVE-2025-27097 - 17 hours ago
CVE-2025-27098 - 17 hours ago
Apiiro unveils free scanner to detect malicious code merges - 17 hours ago
Black Basta ransomware gang's internal chat logs leak online - 18 hours ago
CVE-2025-0352 - 18 hours ago
CVE-2025-1265 - 18 hours ago
CVE-2025-24893 - 18 hours ago
CVE-2025-25299 - 18 hours ago
Ivanti Endpoint Manager Vulnerabilities Proof-of-Concept (PoC) Exploit Released - 18 hours ago
New NailaoLocker Ransomware Attacking European Healthcare - 18 hours ago
Beware of North Korean Job Interview Process Delivers Malware Via Fake Chrome Update - 19 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Black Basta is latest ransomware group to be hit by leak of chat logs | The Record from Recorded Future News - 1 hour ago
CISA Releases 7 ICS Advisories Detailing Vulnerabilities & Exploits - 7 hours ago
Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors - 7 hours ago
SPAWNCHIMERA Malware Exploiting Ivanti Buffer Overflow Vulnerability By Applying A Fix - Cyber Security News - 8 hours ago
Chinese Hackers Using New Bookworm Malware In Attacks Targeting Southeast Asia - 8 hours ago
Google Released PoC Exploit for Palo Alto Firewall Command Injection Vulnerability - 11 hours ago
New Active Directory Pentesting Tool For KeyCredentialLink Management - 11 hours ago
Windows Wi-Fi Password Stealer Malware Found Hosted on GitHub - 13 hours ago
China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News - 13 hours ago
CVE-2025-1272 - 2 days ago
CVE-2025-27090 - 1 day ago
CVE-2023-51305 - 1 day ago
CVE-2024-10339 - 1 day ago
CVE-2024-37359 - 1 day ago
CVE-2024-37360 - 1 day ago
CVE-2024-5705 - 1 day ago
CVE-2024-5706 - 1 day ago
CVE-2025-21355 - 1 day ago
CVE-2025-24989 - 1 day ago
CVE-2025-25942 - 1 day ago