On Friday, December 2nd, managed cloud computing company Rackspace detected suspicious activity on its hosted Exchange environment. Upon discovery, Rackspace immediately took proactive measures to isolate the hosted Exchange environment and contain the incident, working alongside industry-leading third-party cybersecurity experts. The company has now determined that this suspicious activity was the result of a ransomware incident and has hired a leading cyber defence firm to investigate.

At this time, Rackspace has not determined what customer data was affected by the ransomware attack. The company stated that if it determines that sensitive information was affected, it will notify customers as appropriate. Rackspace has reiterated that the intrusion was isolated to its hosted Exchange businesses and noted that there has been no impact to Rackspace Email or its other products.

In the wake of the attack, Rackspace has urged its customers to migrate their users and domains to Microsoft 365. The company has admitted that it does not have a timeline for restoring its hosted Exchange email services and has reported that it has already helped "thousands of customers move tens of thousands of users" to Microsoft 365.

It is currently unclear how many Rackspace customers have been affected by the ransomware attack or who is responsible for it. The company has not provided information on how the attackers breached its network or the payment demanded. Rackspace has stated that it has put additional security measures in place and will continue to actively monitor for any suspicious activity.

In response to the attack, a California legal firm has announced that it will be acting against Rackspace on behalf of affected users. The lawsuit, Stephenson, et al. v. Rackspace Technology, has been filed in the Western District of Texas. Rackspace has stated that any incremental costs related to the incident response will not be passed on to its customers.

PROTECTING AGAINST RANSOMWARE

Ransomware attacks can be very harmful to companies, so it is important to know how to protect against them. To ensure that you are kept safe against potential cybersecurity threats, including ransomware, we recommend the following:

  • Keep and ensure all your software is up to date as they may contain the latest cybersecurity updates to keep you safe,
  • Do not click on any suspicious links or emails, especially from those unknown.