Dive Brief:
- Xerox on Saturday disclosed a cyber intrusion at its Xerox Business Solutions subsidiary, which resulted in a limited amount of personal data being accessed. Xerox said company personnel detected and contained the attack.
- The company confirmed the recent incident after the Inc ransomware group claimed it stole Xerox data. Xerox did not provide specific details on when the attack took place.
- Xerox said there was no impact on its corporate systems, operations or data. Operations at Xerox Business Solutions were also not impacted, the company said.
Dive Insight:
Xerox has not provided any details about how the threat group gained access to its systems, but recent high-profile attacks against several major companies, including Boeing and Comcast Xfinity, have been linked to the exploitation of critical vulnerabilities in applications they use.
Inc ransomware emerged in July and is linked to exploitations of vulnerabilities in Citrix Netscaler, according to SentinelOne. The group’s leak blog carries some similarities to that of LockBit 3.0, but Inc does not charge for leaked data, according to Cybereason.
Lockbit 3.0 is also linked to exploitation of the CitrixBleed vulnerability.
Xerox said it is working with third-party cybersecurity experts to investigate the incident and is taking additional measures to provide additional security for its Xerox Business Solutions IT environment.
Xerox said it will notify all individuals that were impacted by the incident. It is not immediately clear whether the breach also impacted company employees.
There is no indication of a regulatory filing to the Securities and Exchange Commission on the Xerox investor relations site. SEC rules now require publicly traded companies to disclose material incidents within four business days of such determination.