INC RANSOM gang claims attack on Xerox Corp, confirmed to be Xerox US division

INC RANSOM ransomware group has publicly claimed responsibility for infiltrating the systems of Xerox Corp and added Xerox to its list of victims on its Tor-based leak site, a move used by ransomware groups to pressure companies into meeting demands.

Xerox Corporation is a globally recognized American corporation that specializes in print and digital document products and services. Founded in 1906, it became a prominent player in the office equipment market, particularly famous for its photocopiers and printers.

To substantiate their claim the ransomware group released images of eight documents purportedly obtained from Xerox. These documents include sensitive materials like internal emails and an invoice. However, the total volume of data that the group alleges to have stolen from Xerox remains unclear, raising concerns about the potential impact and scope of the breach.

At this moment there is no confirmation nor incident report from Xerox, so it's unclear what - if any is the volume of the data impacted, which systems and individuals of Xerox have been compromised and any specifics about the nature of the attack.

Update - on 1st of January 2024, Xerox Corporation confirmed that U.S. division of Xerox Business Solutions (XBS) has experienced a cybersecurity breach. Xerox states that the breach was contained by its cybersecurity team and limited to XBS U.S and are collaborating with third-party cybersecurity experts.

The full extent of the breach, including the impact on clients, partners, and employees, is currently unknown. Xerox plans to notify all affected individuals. Interestingly, the Xerox entry has been removed from the ransom group's leak portal, potentially indicating resumed negotiations.