Home > Tech

Turns out your office printer is a huge cybersecurity risk

Researchers found six major printer brands that put customers' data at risk.
By Jack Morse  on 
Share on Facebook Share on Twitter Share on Flipboard
Turns out your office printer is a huge cybersecurity risk
And no, not just because it's frustrating. Credit: Andrey Popov / getty

Consider the office printer.

Massive, hulking things — the devices looming in the corner of workplaces around the world have come to represent untold hours of frustration in the form of printer jams and toner problems. According to security researchers set to present their findings this Saturday at the DEF CON hacking convention in Las Vegas, they also happen to be a cybersecurity nightmare.

Daniel Romero Pérez and Mario Rivas Vivar, researchers at NCC Group, announced the discovery of major vulnerabilities on Thursday in name-brand printers made by the likes of Xerox, HP, Lexmark, Kyocera, Brother, and Ricoh. NCC Group shared some of the researchers' findings with Mashable ahead of the aforementioned Aug. 10 talk, and they're enough to elicit serious double take.

"These flaws could be used by criminals as to gain long-term backdoor access into companies for possibly years on end, allowing them to come and go as they please, undetected, stealing sensitive data," a spokesperson explained to Mashable over email. "What’s more, criminals can spy on every print job and even send documents being printed to themselves or other unauthorized third parties."

Which — considering the type of data important enough to require a backup hard copy —doesn't sound good.

Interestingly, this announcement follows news that a Russian hacking team exploited unchanged default passwords in office printers this April in an attempt to gain access to sensitive corporate info.

Thankfully, Pérez and Vivar were able to get in touch with the six manufacturers in question and "most of the issues" they discovered have been patched — albeit in the case of an unnamed few companies, it took months of effort to reach them.

Unnervingly, the two researchers found "high risk issues" in all six of the printers they tested.

SEE ALSO: Hacker convention in Vegas is full of tin-foil hats. Literally.

"We stopped searching after a few vulnerabilities," notes a slide from their forthcoming presentation. "There are probably more."

It seems that, even in an online world, relics from the time when paper reigned supreme can still bite you in the ass. You've been warned.

Featured Video For You
Changing your office printer password may protect you against Russian hackers

Topics Cybersecurity

Mashable Image
Jack Morse

Professionally paranoid. Covering privacy, security, and all things cryptocurrency and blockchain from San Francisco.

Recommended For You
The entertainment-ready HP Chromebook Plus 15.6-inch is on sale for $100 off at Best Buy
By Haley Henschel
a close-up of a woman picking up an hp chromebook plus 15.6-inch off the floor
How to take a screenshot on a Chromebook
By Kimberly Gedeon
How to take a screenshot on a Chromebook
Mashable's favorite cloud gaming laptop just dropped to a record-low $469
By Christina Buff
Acer Chromebook with colorful background details
Chromebook vs. laptop: What are the differences?
By Haley Henschel
a lenovo thinkbook and an hp chromebook plus sitting on a wood table in front of houseplants
How to turn off touch screen on Chromebook
By Kimberly Gedeon
A visual description of disabling touch screen on a Chromebook
Trending on Mashable
NYT Connections today: See hints and answers for April 19
By Mashable Team
A phone displaying the New York Times game 'Connections.'
NYT's The Mini crossword answers for April 19
By Mashable Team
Closeup view of crossword puzzle clues
Wordle today: Here's the answer and hints for April 19
By Mashable Team
a phone displaying Wordle
Windows 10 will start pushing users to use Microsoft accounts. How to turn it off.
By Matt Binder
Windows 10
NYT Connections today: See hints and answers for April 18
By Mashable Team
A phone displaying the New York Times game 'Connections.'
The biggest stories of the day delivered to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Thanks for signing up. See you at your inbox!