Categories: Tech NewsTechCrunch+

Rackspace blames ransomware attack for ongoing Exchange outage

Cloud computing giant Rackspace has confirmed that it has been hit by ransomware attack that has left a number of its customers without access to email.

Rackspace’s hosted Microsoft Exchange service started experiencing problems on Friday last week. At the time, Rackspace posted a notice on its status page saying that due to a “security incident,” it had “powered down and disconnected” the service. In an update published on Tuesday, Rackspace has confirmed that a ransomware attack is behind the ongoing outage. 

“As you know, on Friday, December 2nd, 2022, we became aware of suspicious activity and immediately took proactive measures to isolate the Hosted Exchange environment to contain the incident,” the company said in a statement on Tuesday. “We have since determined this suspicious activity was the result of a ransomware incident.”

Rackspace says that the investigation, led by an unnamed cyber defense firm, is in its early stages and that the company has yet to determine “what, if any, data was affected.” The company added that if it determines that sensitive information was affected, it will “notify customers as appropriate”.

When asked by TechCrunch, Rackspace spokesperson Natalie Silva declined to share any more information about the nature of the incident or how the hackers were able to compromise its systems. 

However, security researcher Kevin Beaumont believes the incident may involve exploitation of the Microsoft Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082, better known as ProxyNotShell. ProxyNotShell first came to light in late September after Vietnamese cybersecurity company GTSC observed it being exploited in the wild. Microsoft confirmed exploitation the following month and linked it to a state-sponsored hacker group.

The issues affecting Rackspace’s hosted Microsoft Exchange service remains ongoing at the time of writing. The company is currently moving its Hosted Exchange customers over to Microsoft 365 to limit disruption.

Rackspace noted that the ransomware incident could result in lost revenue for its hosted exchange business, which generates about $30 million a year. The company added that it could have incremental costs associated with its response to the incident.

Rackspace blames ransomware attack for ongoing Exchange outage by Carly Page originally published on TechCrunch

Recent Posts

Unlocking the Secrets of JSON.stringify(): More Than Meets the Eye

JSON (JavaScript Object Notation) is a lightweight data-interchange format widely used in web development. At…

2 months ago

How to Handle AJAX GET/POST Requests in WordPress

AJAX (Asynchronous JavaScript and XML) is a powerful technique used in modern web development that…

3 months ago

Page Speed Optimization: Post-Optimization Dos and Don’ts

Introduction After successfully optimizing your website for speed, it's essential to maintain and build upon…

3 months ago

Ultimate Guide to Securing WordPress Folders: Protect Your Site from Unauthorized Access

Securing your WordPress folders is crucial to safeguarding your website from unauthorized access and potential…

4 months ago

HTML CSS PHP File Upload With Circle Progress Bar

Creating a file upload feature with a circular progress bar involves multiple steps. You'll need…

5 months ago

Using WP Rocket with AWS CloudFront CDN

Integrating WP Rocket with AWS CloudFront CDN helps to optimize and deliver your website content…

5 months ago