Rackspace blames ransomware woes on zero-day attack

Rackspace has confirmed the Play ransomware gang was behind last month’s hacking and said it won’t bring back its hosted Microsoft Exchange email service, as it continues working to recover customers’ email data lost in the December 2 ransomware attack.

Rackspace said “more than half” of its customers who lost their hosted email service last month now have “some or all of their data available to them for download,” in its latest and final status update, posted today. But customers aren’t exactly jumping at the chance to access this data, the update continued:

Rackspace also disclosed some new information about how many customers were hit by the email fiasco.

“Of the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat actor accessed a Personal Storage Table (PST) of 27 Hosted Exchange customers,” according to the update. 

And, it added, according to CrowdStrike, which Rackspace hired to help with the recovery and remediation effort, “there is no there is no evidence that the threat actor actually viewed, obtained, misused, or disseminated any of the 27 Hosted Exchange customers’ emails or data in the PSTs in any way.”

Rackspace did not disclose the ransom demand, or if it paid the criminals to decrypt the stolen data.

It also confirmed that the hosted Exchange email product, which only represents 1 percent of the company’s annual revenue, won’t be rebuilt.

“Even prior to the recent

Read more

Explore the site

More from the blog

Latest News