Tweet
The hackers that attacked Rackspace in December 2022 did manage to access personally identifiable information on roughly two dozen customers, the company has confirmed following the forensic analysis of the event.
Fortunately, there is no evidence that the data obtained during the attack was abused, it added.
In December last year, ransomware operators using the Play malware variant targeted Rackspace, taking down its hosted Microsoft Exchange environment.
[HEADING=1]Migrating to Microsoft 365[/HEADING]
Initially, the company reported of a âsignificant failureâ in its Hosted exchange environment, also adding that the problem was âisolated to a portion of our Hosted Exchange platformâ. The issues manifested themselves as âconnectivity and login issuesâ, and took most of the weekend to address.
After restoring its services, Rackspace employed cybersecurity experts Crowdstrike to lead the forensic analysis, which determined that the attackers accessed some of its customersâ Personal Storage Table (PST) files, holding information such as emails, calendar data, contacts, and tasks.
In total, 27 customers have had their data accessed:
âOf the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat actor accessed a Personal Storage Table (âPSTâ) of 27 Hosted Exchange customers,â a Rackspace incident report read.
âWe have already communicated our findings to these customers proactively, and importantly, according to Crowdstrike, there is no evidence that the threat actor actually viewed, obtained, misused, or disseminated any of the 27 Hosted Exchange customersâ emails or data in the PSTs in any way.â
âCustomers who were not contacted directly by the Rackspace team can be assured that their PST data was not accessed by the threat actor.â
Read more
Going forward, Rackspace will be discontinuing its Hosted Exchange environment and migrating customers to Microsoft 365. Apparently, that was always the plan, even before the incident.
âFinally, the Hosted Exchange email environment will not be rebuilt as a go-forward service offering,â Rackspace said.
âEven prior to the recent security incident, the Hosted Exchange email environment had already been planned for migration to Microsoft 365, which has a more flexible pricing model, as well as more modern features and functionality.â
[ul]
[li]Check out the best firewalls around[/li][/ul]
Via: BleepingComputer
Continue readingâŚ
Fortunately, there is no evidence that the data obtained during the attack was abused, it added.
In December last year, ransomware operators using the Play malware variant targeted Rackspace, taking down its hosted Microsoft Exchange environment.
[HEADING=1]Migrating to Microsoft 365[/HEADING]
Initially, the company reported of a âsignificant failureâ in its Hosted exchange environment, also adding that the problem was âisolated to a portion of our Hosted Exchange platformâ. The issues manifested themselves as âconnectivity and login issuesâ, and took most of the weekend to address.
After restoring its services, Rackspace employed cybersecurity experts Crowdstrike to lead the forensic analysis, which determined that the attackers accessed some of its customersâ Personal Storage Table (PST) files, holding information such as emails, calendar data, contacts, and tasks.
In total, 27 customers have had their data accessed:
âOf the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat actor accessed a Personal Storage Table (âPSTâ) of 27 Hosted Exchange customers,â a Rackspace incident report read.
âWe have already communicated our findings to these customers proactively, and importantly, according to Crowdstrike, there is no evidence that the threat actor actually viewed, obtained, misused, or disseminated any of the 27 Hosted Exchange customersâ emails or data in the PSTs in any way.â
âCustomers who were not contacted directly by the Rackspace team can be assured that their PST data was not accessed by the threat actor.â
Read more
Rackspace confirms âsecurity incidentâ across some of its servers
Rackspace customers are still being affected by Microsoft Exchange issue
These are the best malware protection solutions today
Rackspace customers are still being affected by Microsoft Exchange issue
These are the best malware protection solutions today
âFinally, the Hosted Exchange email environment will not be rebuilt as a go-forward service offering,â Rackspace said.
âEven prior to the recent security incident, the Hosted Exchange email environment had already been planned for migration to Microsoft 365, which has a more flexible pricing model, as well as more modern features and functionality.â
[ul]
[li]Check out the best firewalls around[/li][/ul]
Via: BleepingComputer
Continue readingâŚ