Rackspace’s Previously Reported “Security Incident” (opens in new tab) It has now been confirmed to be a ransomware breach that has compromised the Hosted Exchange solution.
As a precautionary measure, Rackspace has isolated its Hosted Exchange offering to contain the incident and is in contact with customers to help them migrate to a new environment.
The issue was discovered on December 2, 2022, where Rackspace says its internal security team is getting help from a cyber defense firm to investigate.
Partially resolved vulnerability
Based on the investigation to date, Rackspace says this incident was isolated from its Hosted Exchange business and all of its other products and services are fully operational. The company added that it has not experienced any impact on its email services (opens in new tab) and platform.
“Rackspace’s latest outage shows us that bigger doesn’t always equal better when it comes to cloud services. However, many users still subscribe to this myth, with brand awareness and scale helping to portray Big Tech cloud providers as infallible,” said Mark Boost, CEO of Civo.
“Yet the latest large-scale cloud outage refutes this view. Hyperscalers have a large number of endpoints that can lead to a vulnerability. In addition, their sheer size means there are a huge number of moving parts, adding unnecessary complexity, which increases the risk of a breach or failure.”
In a blog post (opens in new tab)Rackspace reports that it has taken additional security measures and will continue to actively monitor for suspicious activity following the ransomware incident.
Rackspace does not rule out the possibility that this incident may continue to cause disruptions to its Hosted Exchange solution and could lead to a loss of revenue for the Hosted Exchange business.
Currently, the Hosted Exchange environment generates $30 million in annual revenue in the Apps and Cross Platform segment.
The Hosted Exchange environment includes 100 GB mailboxes, real-time Outlook, OWA & mobile synchronization, as well as anti-spam and anti-virus features.