Free Newsletters for the Channel
Register for Your Free Newsletter Now
Rackspace said the forensic investigation into the attack is now complete.
January 6, 2023
A threat actor known as Play launched last month’s ransomware attack on Rackspace. Service disruptions knocked thousands of its Hosted Exchange customers offline.
In its latest update, Rackspace said the forensic investigation into the attack is now complete. It worked with CrowdStrike, other cybersecurity experts and federal authorities to finalize the investigation.
Play used a previously unknown security exploit to gain initial access to the Rackspace Hosted Exchange email environment.
“Of the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat actor accessed a personal storage table (PST) of 27 Hosted Exchange customers,” Rackspace said. “We have already communicated our findings to these customers proactively.”
CrowdStrike said there’s no evidence the threat actor viewed, obtained, misused or disseminated emails or data in the PSTs for any of the 27 Hosted Exchange customers.
No other Rackspace products, platforms, solutions or businesses were affected or experienced downtime due to this incident, the company said.
More than one-half of impacted customers have some or all of their data available to them for download.
“However, less than 5% of those customers have actually downloaded the mailboxes we have made available,” it said. “This indicates to us that many of our customers have data backed up locally, archived or otherwise do not need the historical data. We will continue working to recover all data possible as planned. However, in parallel, we are developing an on-demand solution for those customers who do still wish to download their data. We expect that the on-demand solution will be available within two weeks.”
Even prior to the recent security incident, the Hosted Exchange email environment had already been planned for migration to Microsoft 365. It has a more flexible pricing model, as well as more modern features and functionality, Rackspace said.
“Also, Rackspace Email continues to be unaffected and is an alternative option for customers who do not wish to migrate to Microsoft 365,” it said.
You May Also Like
The Gately Report: Trellix Partners Shielding SMBs from RansomwareFeb 26, 2024
Cloud Computing News: AWS Loses Another Key Exec to Azure; Canalys, Vega Cloud, Hyve NewsFeb 23, 2024
Channel Futures Reveals 2024 Circle of Excellence InducteesFeb 23, 2024
Canalys Channel Leadership Matrix Names AWS, Cisco, HP Among 'Champions'Feb 22, 2024