Trending

ee-track">
Link copied!

Xerox Corporation Allegedly Struck by Maze Ransomware – Data Encrypted

Update as of 06/30/2020: As part of Cyble regular monitoring of the on-going data leaks, our researchers came across the revelation of alleged attack on Xerox Corporation by the Maze ransomware operators. Just after the…

July 1, 2020 · 2 min read

Update as of 06/30/2020: As part of Cyble regular monitoring of the on-going data leaks, our researchers came across the revelation of alleged attack on Xerox Corporation by the Maze ransomware operators. Just after the data leaks of Manson Construction Co and Innotech-Execaire Aviation Group, Xerox fell a victim of the Maze ransomware group.

Xerox Holdings Corporation founded in 1906 is an American corporation that sells print and digital document products and services in more than 160 countries. As a large developed company, it is consistently placed in the list of Fortune 500. With over 27,000 employees the company has an average annual revenue above $10 billion.

Below is the snapshot of the claim by ransomware operators -:

Screen Shot 2020 06 30 at 9.57.22 pm

The Cyble Research Team has identified and analyzed the proof. It consists of multiple screenshots showing the compromised server(s) files and data encrypted by the ransomware. One of the snapshot consists of a warning message stating Xerox to contact the operators within 3 days, otherwise, the information about the breach would be posted on Maze public news website. (which has been crossed and breach information posted above)

Below are few snapshots posted by the ransomware operators.

Screen Shot 2020 06 30 at 10.16.28 pm
25 06 2020 00 14 53
25 06 2020 04 11 19
25 06 2020 04 19 03

The leaked screenshots show that the ransomware operators were in the Xerox network till June 25th, 2020.

report-ad-banner

We recommend people to:

  • Never share personal information, including financial information over the phone, email or SMSs
  • Use strong passwords and enforce multi-factor authentication where possible
  • Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.
  • Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
  • Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, Mobile
  • People who are concerned about their exposure in darkweb can register at AmiBreached.com to ascertain their exposure.

About Cyble:

Cyble is a US-based cyber threat intelligence company with the express mission to provide organizations with real-time views of their supply chain cyber threats and risks.

AI Threat Intelligence

Stop Executive Threats
Before They Strike

Monitor dark web chatter, detect lookalike domains, and protect your C-suite from targeted impersonation — in real time, across 50+ countries.

Scroll to Top

Book your session

Request a Personalized Demo

See how Cyble's threat intelligence protects your organization. A specialist will reach out within one business day.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams

Download the brochure

Get the Cyble Vision Brochure

Explore how Cyble Vision delivers AI-powered threat intelligence across your attack surface. Fill in your details to access the brochure.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams