Xerox Business Solutions (XBS) [1] [2] [3] [4], a subsidiary of Xerox Holdings Corp [4], experienced a cybersecurity incident attributed to the Inc Ransom ransomware group [2]. This incident [1] [2] [3] [4], promptly detected and contained by Xerox cybersecurity personnel [1], targeted XBS in the US. While XBS’s activities were not disrupted and Xerox’s corporate systems and operations remained unaffected, there is concern that personal information may have been compromised. Xerox is actively working with cybersecurity experts to investigate the incident and secure its IT environment [4].
Description
XBS [1] [2] [3] [4], a subsidiary of Xerox Holdings Corp [4], announced on December 30 that it had experienced a cybersecurity incident caused by the Inc Ransom ransomware group. The attack specifically targeted XBS in the US. However, thanks to the quick response of Xerox cybersecurity personnel, the attack was promptly detected and contained. As a result, XBS’s activities were not disrupted, and Xerox’s corporate systems and operations remained unaffected.
Although the incident did not impact Xerox’s operations, there is a concern that personal information may have been compromised. Xerox is actively collaborating with cybersecurity experts to thoroughly investigate the incident and ensure the security of its IT environment. XBS has implemented a policy to notify all individuals who may have been affected by the breach, prioritizing data privacy and protection [2].
It is important to note that negotiating with cybercriminals is strongly discouraged, despite suggestions that Xerox may be in discussions to pay the ransom [4]. Additionally, it is worth mentioning that Xerox had previously dealt with a ransomware breach in 2020. The Inc Ransom group, known for their double extortion tactics and targeting organizations, is responsible for this attack.
The stolen information is believed to include email communications, payment details [1], and purchase orders [1], potentially belonging to XBS’s clients, partners [1], and employees [1].
Conclusion
Moving forward, Xerox is committed to ensuring the safety of its operations and is taking proactive measures to secure its IT environment. The incident highlights the importance of robust cybersecurity measures and the need for organizations to remain vigilant against cyber threats. Xerox will continue to work closely with cybersecurity experts to mitigate the impacts of the incident and prevent future breaches.
References
[1] https://www.techradar.com/pro/security/xerox-us-subsidiary-hit-by-ransomware-attack
[2] https://www.infosecurity-magazine.com/news/xerox-business-solutions-security/
[3] https://www.action-intell.com/2024/01/02/xeroxs-xbs-subsidiary-breached-by-ransomware-group/
[4] https://siliconangle.com/2024/01/03/xerox-business-solutions-targeted-inc-ransom-ransomware-gang/
