Security News > 2023 > January > Rackspace: Customer email data accessed in ransomware attack
"Of the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat actor accessed a Personal Storage Table of 27 Hosted Exchange customers," Rackspace said in an incident report update shared with BleepingComputer in advance.
"Customers who were not contacted directly by the Rackspace team can be assured that their PST data was not accessed by the threat actor."
Even if the data may not be leaked if a ransom is paid or for some other reason, it is very likely that customer data was at least viewed during the attack.
Since discovering the attack on December 2 and confirming the resulting outage was caused by a ransomware attack, Rackspace has been offering affected customers free licenses to migrate their email from its Hosted Exchange platform to Microsoft 365.
BleepingComputer asked a Rackspace spokesperson earlier today if the email data is being restored from Rackspace's backups or with the help of a decryption tool provided by the Play ransomware attackers.
Rackspace added in today's update that its Hosted Exchange environment would be discontinued, saying that it was already planning to migrate customers to Microsoft 365 even before the December ransomware attack.
News URL
Related news
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Embargo ransomware escalates attacks to cloud environments (source)
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Ransomware attack forces UMC Health System to divert some patients (source)
- Rackspace monitoring data stolen in ScienceLogic zero-day attack (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Casio confirms customer data stolen in a ransomware attack (source)
- Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between (source)
- BianLian ransomware claims attack on Boston Children's Health Physicians (source)