Xerox US subsidiary hit by ransomware attack

Code Skull
(Image credit: Shutterstock)

The US arm of Xerox Business Solutions (XBS) suffered a ransomware attack just before the New Year where hackers stole some sensitive information, but the incident did not reportedly disrupt the company’s activities.

A report from BleepingComputer spotted XBS being added to the data leak site belonging to the INC Ransom threat actor, and reached out to the company, which provided the following statement:

“Recently, Xerox’s subsidiary, Xerox Business Solutions, experienced a security incident which was detected and contained by Xerox cybersecurity personnel. The event was limited to XBS U.S. We are actively working with third-party cybersecurity experts to conduct a thorough investigation into this incident and are taking necessary steps to further secure the XBS IT environment.”

Added, then pulled, from the data leak site

The statement, later published to the Xerox newsroom site, further states that the incident did not impact the company’s corporate systems, operations, or data. It had no effect on XBS operations, the company added. “However, our preliminary investigation indicates that limited personal information in the XBS environment may have been affected. As per our policy and standard operating procedure, we will notify all affected individuals as required.”

On the data leak site, INC Ransom said the stolen information includes email communications (both addresses and the emails’ contents), payment details, invoices, filled-out request forms, and purchase orders. While it's unclear whose data this is, the media speculates it might be of clients, partners, and employees.

Shortly after, INC Ransom removed XBS from its website, which could mean either that the company paid the ransom demand, or continued the negotiations.

XBS provides document technology and services, including printers, copiers, digital printing systems, and similar products and services. Last year, the company recorded revenues of $1.94 billion, marking a 9.2% increase year-over-year, or a 13.9% increase in constant currency.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.