Printing solutions giant Xerox over the weekend confirmed that its US-based subsidiary Xerox Business Solutions experienced a data breach.
The incident, the company says, was limited to Xerox Business Solutions US and was contained by its cybersecurity team.
While the attack did not affect Xerox’s corporate systems and had no impact on the company’s operations or data, the investigation launched into the matter determined that personal information was compromised.
“Our preliminary investigation indicates that limited personal information in the XBS environment may have been affected. As per our policy and standard operating procedure, we will notify all affected individuals as required,” Xerox said in an incident notice on its website.
To date, however, the company has not provided details on whether the incident impacts clients, employees, or partners.
Xerox shared no details on the type of cybersecurity incident its subsidiary fell victim to, but the ransomware gang known as Inc Ransom was quick to claim responsibility for the attack.
On December 30, the group listed Xerox on its Tor-based leak site, posting screenshots of documents allegedly stolen from the company, as proof of intrusion.
Since then, however, the entry was taken down, suggesting that Xerox might have engaged in communication with the attackers, to prevent the stolen data from being published online.
SecurityWeek has emailed Xerox for additional information on the attack and will update this article as soon as a reply arrives.