Extortion gang INC continues its march on major organizations.
Xerox announced a cyberattack on its subsidiary XBS, which may have resulted in the theft of personal information of employees and customers. Official confirmation was received shortly after the hacker group INC claimed responsibility for this cyber incident.
Representatives of Xerox, widely known for its copying and other office equipment, whose revenues for the year before last exceeded $ 7 billion, said that the company is actively working with cybersecurity experts to conduct a comprehensive investigation. According to them, the incident did not affect the corporate systems or operations of Xerox, but limited personal information in the XBS system was affected.
It is noted that XBS provides small and medium-sized businesses with printers, copiers and software. The company plans to notify everyone affected by the data leak in the near future.
SentinelOne researchers note that the INC group, which typically uses the CVE-2023-3519 vulnerability in Citrix products in its attacks, appeared in July and targets a whole range of industries, such as education, healthcare, and government organizations. In 2023, the group carried out a series of high-profile attacks on major companies, including Japan's Yamaha Motor and the American WellLife Network.
In addition, this is not the first time that Xerox has clashed with ransomware gangs. So, in 2020, the hacker group Maze published 25.8 GB of Xerox data. The company was also mentioned in the leaked Conti correspondence in 2022, but the exact circumstances of this case remain unknown.
Xerox announced a cyberattack on its subsidiary XBS, which may have resulted in the theft of personal information of employees and customers. Official confirmation was received shortly after the hacker group INC claimed responsibility for this cyber incident.
Representatives of Xerox, widely known for its copying and other office equipment, whose revenues for the year before last exceeded $ 7 billion, said that the company is actively working with cybersecurity experts to conduct a comprehensive investigation. According to them, the incident did not affect the corporate systems or operations of Xerox, but limited personal information in the XBS system was affected.
It is noted that XBS provides small and medium-sized businesses with printers, copiers and software. The company plans to notify everyone affected by the data leak in the near future.
SentinelOne researchers note that the INC group, which typically uses the CVE-2023-3519 vulnerability in Citrix products in its attacks, appeared in July and targets a whole range of industries, such as education, healthcare, and government organizations. In 2023, the group carried out a series of high-profile attacks on major companies, including Japan's Yamaha Motor and the American WellLife Network.
In addition, this is not the first time that Xerox has clashed with ransomware gangs. So, in 2020, the hacker group Maze published 25.8 GB of Xerox data. The company was also mentioned in the leaked Conti correspondence in 2022, but the exact circumstances of this case remain unknown.
