Security News > 2023 > January > Rackspace blames ransomware woes on zero-day attack
Rackspace has confirmed the Play ransomware gang was behind last month's hacking and said it won't bring back its hosted Microsoft Exchange email service, as it continues working to recover customers' email data lost in the December 2 ransomware attack.
Rackspace said "More than half" of its customers who lost their hosted email service last month now have "Some or all of their data available to them for download," in its latest and final status update, posted today.
"Of the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat actor accessed a Personal Storage Table of 27 Hosted Exchange customers," according to the update.
Four days later, Rackspace admitted a ransomware infection was to blame, and over the subsequent weeks the company has been moving customers to cloud-based Microsoft 365 and working to recover their pre-December 2 email data, which, for some customers, includes a decade's worth of old messages and contacts.
Rackspace still hasn't said how many customers were affected by the email outage, or when it expects to complete the data recovery process.
"As the process remains underway, we want to remind customers that due to the nature of the incident, certain elements of email and other data may remain unavailable to our customers," Rackspace warned in a December 27, 2022 update.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/01/05/rackspace_ransomware_gang/
Related news
- Massive PSAUX ransomware attack targets 22,000 CyberPanel instances (source)
- North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)