Rackspace blames ransomware woes on zero-day attack

Rackspace has confirmed the Play ransomware gang was behind last month's hacking and said it won't bring back its hosted Microsoft Exchange email service, as it continues working to recover customers' email data lost in the December 2 ransomware attack.
Rackspace said "more than half" of its customers who lost their hosted email service last month now have "some or all of their data available to them for download," in its latest and final status update, posted today.
"Of the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat actor accessed a Personal Storage Table of 27 Hosted Exchange customers," according to the update.
Four days later, Rackspace admitted a ransomware infection was to blame, and over the subsequent weeks the company has been moving customers to cloud-based Microsoft 365 and working to recover their pre-December 2 email data, which, for some customers, includes a decade's worth of old messages and contacts.
Rackspace still hasn't said how many customers were affected by the email outage, or when it expects to complete the data recovery process.
"As the process remains underway, we want to remind customers that due to the nature of the incident, certain elements of email and other data may remain unavailable to our customers," Rackspace warned in a December 27, 2022 update.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/01/05/rackspace_ransomware_gang/