Security News > 2023 > January > Rackspace: Customer email data accessed in ransomware attack

"Of the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat actor accessed a Personal Storage Table of 27 Hosted Exchange customers," Rackspace said in an incident report update shared with BleepingComputer in advance.

"Customers who were not contacted directly by the Rackspace team can be assured that their PST data was not accessed by the threat actor."

Even if the data may not be leaked if a ransom is paid or for some other reason, it is very likely that customer data was at least viewed during the attack.

Since discovering the attack on December 2 and confirming the resulting outage was caused by a ransomware attack, Rackspace has been offering affected customers free licenses to migrate their email from its Hosted Exchange platform to Microsoft 365.

BleepingComputer asked a Rackspace spokesperson earlier today if the email data is being restored from Rackspace's backups or with the help of a decryption tool provided by the Play ransomware attackers.

Rackspace added in today's update that its Hosted Exchange environment would be discontinued, saying that it was already planning to migrate customers to Microsoft 365 even before the December ransomware attack.

News URL

https://www.bleepingcomputer.com/news/security/rackspace-customer-email-data-accessed-in-ransomware-attack/