It looks like this story will be playing for the next few weeks at least…:
[…] Maze published a set of 10 screenshots, showing directory listings from June 24 and 25, network shares, and the ransom note that is dropped after the encryption routine completes.
Specifically, one image shows that hosts on “eu.xerox.net,” managed by Xerox Corporation, were compromised. Systems on other domains might also be impacted.
While the domain reveals that Maze ransomware breached a Xerox branch in Europe, the names of the hosts hint that it’s the one in London.
Another screenshot of a desktop screen with the Xerox brand name shows the ransom note dropped by the attacker, who threatened to publish information from the breach if the company did not contact them in three days.