Xerox
Company Details
Linkedin ID:
xerox
Website:
Employees number:
50,167
Number of followers:
953,738
NAICS:
5416
Industry Type:
Homepage:
xerox.com
IP Addresses:
0
Company ID:
XER_2339885
Scan Status:
In-progress
Xerox Company CyberSecurity Posture
xerox.com
Xerox has been redefining the workplace experience for over a century. As a services-led, software-enabled company, we power today’s hybrid workplace through advanced print, digital, and AI-driven technologies. In 2025, Xerox acquired Lexmark—expanding our global footprint, strengthening service capabilities, and equipping us to deliver an even broader portfolio of workplace technologies to our clients. Today, we continue our legacy of innovation to deliver client-centric, digitally driven solutions that meet the needs of a global, distributed workforce. Whether in offices, classrooms, or hospitals, we help our clients thrive in a constantly evolving business landscape.
Xerox A.I CyberSecurity Scoring
Xerox Risk Score (AI oriented)Between 650 and 699
Xerox
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Xerox Global Score (TPRM)XXXX
Xerox
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Xerox Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
Xerox Corporation
Breach
Rankiteo Explanation
Attack threatening the organization's existence
Description: The Maine Office of the Attorney General reported that Xerox Corporation experienced a data breach on December 10, 2023, due to an external system breach (hacking), affecting 181 individuals in total, including 1 resident. The breached information included personal details such as Social Security numbers, and the company is providing 24 months of identity and credit monitoring services through Experian.
Xerox
Breach
Rankiteo Explanation
Attack without any consequences
Description: Xerox cybersecurity staff discovered and resolved a security incident that recently affected Xerox Business Solutions, a division of Xerox. The business declared that in addition to taking the required actions to further safeguard the XBS IT environment, they are actively collaborating with outside cybersecurity specialists to carry out a comprehensive investigation into this issue. The event had no influence on XBS operations or on the corporate systems, data, or operations of Xerox. According to the firm, preliminary findings from their inquiry suggest that certain personal data within the XBS environment might have been compromised.
Xerox Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Xerox
Incidents vs Business Consulting and Services Industry Average (This Year)
No incidents recorded for Xerox in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Xerox in 2025.
Incident Types Xerox vs Business Consulting and Services Industry Avg (This Year)
No incidents recorded for Xerox in 2025.
Incident History — Xerox (X = Date, Y = Severity)
Xerox cyber incidents detection timeline including parent company and subsidiaries
Xerox Company Subsidiaries
Xerox has been redefining the workplace experience for over a century. As a services-led, software-enabled company, we power today’s hybrid workplace through advanced print, digital, and AI-driven technologies. In 2025, Xerox acquired Lexmark—expanding our global footprint, strengthening service capabilities, and equipping us to deliver an even broader portfolio of workplace technologies to our clients. Today, we continue our legacy of innovation to deliver client-centric, digitally driven solutions that meet the needs of a global, distributed workforce. Whether in offices, classrooms, or hospitals, we help our clients thrive in a constantly evolving business landscape.
Loading...
Xerox Similar Companies
Choosing a digital partner is about more than capabilities — it’s about collaboration and character. Unrealistic overhauls and off-the-shelf products ignore what matters most — your unique needs, culture, goals, and your legacy data and technology environments. At EXL, our collaboration is built o
EY-Parthenon
Our unique combination of transformative strategy, transactions and corporate finance delivers real-world value – solutions that work in practice, not just on paper. Benefiting from EY’s full spectrum of services, we’ve reimagined strategic consulting to work in a world of increasing complexity. Wi
Straive
Wisdom, the ability to apply knowledge to the real world with discernment, is critical for today’s enterprise. However, wisdom becomes available to the enterprise after the iterative application of knowledge to multiple long-tail experiments. Straive helps clients operationalize the Data →Insights
Genpact (NYSE: G) is a global professional services and solutions firm delivering outcomes that shape the future. Our 125,000+ people across 30+ countries are driven by our innate curiosity, entrepreneurial agility, and desire to create lasting value for clients. Powered by our purpose – the relentl
Acosta Group
Acosta Group fuses storied expertise, unmatched connectivity and advanced insight to accelerate brand growth – everywhere you sell. Our collective of the most trusted retail, marketing and foodservice agencies is reimagining how people connect with brands at every point in the consumer journey. Co
ZS
ZS is a management consulting and technology firm that partners with companies to improve life and how we live it. We transform ideas into impact by bringing together data, science, technology and human ingenuity to deliver better outcomes for all. Founded in 1983, ZS has more than 13,000 employees
Stefanini Group
Global Tech Consulting Company All in One. Stefanini is a Brazilian multinational company with 37 years of experience and presence in 41 countries. With more than 35,000 employees, we co-create solutions for a better future, driving digital transformation with a focus on real results. We oper
VENTRA
Ventra – один из крупнейших федеральных игроков рынка аутсорсинга бизнес-процессов. Внимание, мы объединяем профили с https://www.linkedin.com/company/2928612 присоединяйтесь! Более 20 лет компании работает на территории России, Казахстана и Республики Беларусь. У Ventra большой опыт работы с круп
Applus+ is a worldwide leader in the testing, inspection, and certification sector. We are a trusted partner, enhancing the quality and safety of our clients’ assets and infrastructures while safeguarding their operations and improving their environmental performance. Our innovative approach, techni
.png)
Xerox CyberSecurity News
November 24, 2025 04:00 PM
Xerox Launches Cybersecurity Solutions for SMBs Amid Transition
Xerox launches a new cybersecurity solution tailored for small and medium businesses, marking a major shift in their strategic approach.
November 23, 2025 06:42 PM
Xerox Launches Cybersecurity Solution for SMBs Amid Strategic Shifts
Xerox Holdings Corporation stocks have been trading up by 11.54 percent, driven by positive investor sentiment.
November 19, 2025 03:00 PM
Xerox unveils cybersecurity solution for SMBs leveraging Palo Alto Networks
Xerox has unveiled a new cybersecurity solution specifically designed for small and medium-sized businesses (SMBs).
November 19, 2025 02:48 PM
Xerox launches unified cybersecurity solution for SMBs powered by Palo Alto Networks and cyber insurance from The Hartford
Hartford Insurance Group Inc: Xerox launches unified cybersecurity solution for SMBs powered by Palo Alto Networks and cyber insurance from...
November 19, 2025 02:18 PM
Xerox unveils cybersecurity solution for small businesses
NORWALK, Conn. - Xerox Holdings Corporation (NASDAQ:XRX) announced Wednesday the launch of Xerox TriShield 360 Cyber Solution,...
November 19, 2025 02:00 PM
Xerox Launches Unified Cybersecurity Solution for SMBs Powered by Palo Alto Networks and Cyber Insurance from The Hartford
NORWALK, Conn., November 19, 2025--Xerox today announced the launch of XeroxTM TriShield 360 Cyber Solution, a holistic cybersecurity...
August 30, 2025 07:00 AM
Xerox CISO Dr. Jay On Artificial Intelligence And The Internet of Crimes
Cybercrime Magazine interviewed Dr. Jay to hear her story about being a top woman in cyber, and how she came from being a mathematics major...
August 14, 2025 08:26 AM
PoC Released for Xerox FreeFlow Core Flaw Allowing Remote Code Execution
Cybersecurity researchers at Horizon3.ai have uncovered two critical zero-day vulnerabilities in Xerox FreeFlow Core, a widely used print orchestration...
August 14, 2025 07:00 AM
Xerox FreeFlow Core Vulnerability Allows Remote Code Execution — PoC Now Public
Researchers have disclosed vulnerabilities in Xerox FreeFlow Core that enable unauthenticated remote attackers to execute arbitrary code.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Xerox CyberSecurity History Information
Official Website of Xerox
The official website of Xerox is http://www.xerox.com.
Xerox’s AI-Generated Cybersecurity Score
According to Rankiteo, Xerox’s AI-generated cybersecurity score is 663, reflecting their Weak security posture.
How many security badges does Xerox’ have ?
According to Rankiteo, Xerox currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Xerox have SOC 2 Type 1 certification ?
According to Rankiteo, Xerox is not certified under SOC 2 Type 1.
Does Xerox have SOC 2 Type 2 certification ?
According to Rankiteo, Xerox does not hold a SOC 2 Type 2 certification.
Does Xerox comply with GDPR ?
According to Rankiteo, Xerox is not listed as GDPR compliant.
Does Xerox have PCI DSS certification ?
According to Rankiteo, Xerox does not currently maintain PCI DSS compliance.
Does Xerox comply with HIPAA ?
According to Rankiteo, Xerox is not compliant with HIPAA regulations.
Does Xerox have ISO 27001 certification ?
According to Rankiteo,Xerox is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Xerox
Xerox operates primarily in the Business Consulting and Services industry.
Number of Employees at Xerox
Xerox employs approximately 50,167 people worldwide.
Subsidiaries Owned by Xerox
Xerox presently has no subsidiaries across any sectors.
Xerox’s LinkedIn Followers
Xerox’s official LinkedIn profile has approximately 953,738 followers.
NAICS Classification of Xerox
Xerox is classified under the NAICS code 5416, which corresponds to Management, Scientific, and Technical Consulting Services.
Xerox’s Presence on Crunchbase
No, Xerox does not have a profile on Crunchbase.
Xerox’s Presence on LinkedIn
Yes, Xerox maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/xerox.
Cybersecurity Incidents Involving Xerox
As of December 03, 2025, Rankiteo reports that Xerox has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Xerox has an estimated 17,976 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Xerox ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does Xerox detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with outside cybersecurity specialists, and third party assistance with experian..
Incident Details
Can you provide details on each incident ?
Title: Xerox Business Solutions Security Incident
Description: Xerox cybersecurity staff discovered and resolved a security incident that recently affected Xerox Business Solutions, a division of Xerox. The business declared that in addition to taking the required actions to further safeguard the XBS IT environment, they are actively collaborating with outside cybersecurity specialists to carry out a comprehensive investigation into this issue. The event had no influence on XBS operations or on the corporate systems, data, or operations of Xerox. According to the firm, preliminary findings from their inquiry suggest that certain personal data within the XBS environment might have been compromised.
Type: Data Breach
Title: Xerox Corporation Data Breach
Description: The Maine Office of the Attorney General reported that Xerox Corporation experienced a data breach on December 10, 2023, due to an external system breach (hacking), affecting 181 individuals in total, including 1 resident. The breached information included personal details such as Social Security numbers, and the company is providing 24 months of identity and credit monitoring services through Experian.
Date Detected: 2023-12-10
Type: Data Breach
Attack Vector: Hacking
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach XER224321124
Data Compromised: Personal data
Incident : Data Breach XER336072725
Data Compromised: Social security numbers
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are personal data, Social Security Numbers and .
Which entities were affected by each incident ?
Incident : Data Breach XER224321124
Entity Name: Xerox Business Solutions
Entity Type: Division
Industry: Technology
Incident : Data Breach XER336072725
Entity Name: Xerox Corporation
Entity Type: Corporation
Industry: Technology
Customers Affected: 181
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach XER224321124
Third Party Assistance: outside cybersecurity specialists
Incident : Data Breach XER336072725
Third Party Assistance: Experian.
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through outside cybersecurity specialists, Experian, .
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach XER224321124
Type of Data Compromised: personal data
Incident : Data Breach XER336072725
Type of Data Compromised: Social security numbers
Number of Records Exposed: 181
Sensitivity of Data: High
References
Where can I find more information about each incident ?
Incident : Data Breach XER336072725
Source: Maine Office of the Attorney General
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Maine Office of the Attorney General.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach XER224321124
Investigation Status: ongoing
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as outside cybersecurity specialists, Experian, .
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-12-10.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were personal data, , Social Security numbers and .
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was outside cybersecurity specialists, experian, .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were personal data and Social Security numbers.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 181.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Maine Office of the Attorney General.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is ongoing.
.png)
Latest Global CVEs (Not Company-Specific)
Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls RelinquishMagickMemory on _drawInfo->font, freeing the font string but leaving _drawInfo->font pointing to freed memory while _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font re-frees or dereferences dangling memory. DestroyDrawInfo and other setters (Options::font, Image::font) assume _drawInfo->font remains valid, so destruction or subsequent updates trigger crashes or heap corruption. This vulnerability is fixed in 7.1.2-9 and 6.9.13-34.
Risk Information
cvss3
Base: 4.9
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Description
FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later executes (or stores in an executable location) without sufficient validation, sanitization, or execution restrictions. An authenticated remote attacker can upload a crafted PHP file and cause the application or web server to execute it, resulting in remote code execution (RCE).
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Description
PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the admin/index.php endpoint. Specifically, the username parameter accepts unvalidated user input, which is then concatenated directly into a backend SQL query.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Description
NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text hard-coded passwords. These hard-coded passwords could allow unauthorized access to both the application and database.
Risk Information
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries.
Risk Information
cvss3
Base: 8.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
cvss4
Base: 7.1
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=xerox' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
