Security News > 2023 > November > Rackspace racks up $12M bill in ransomware raid recovery
Rackspace's costs from last year's ransomware infection continue to mount: the cloud hosting biz told America's financial watchdog, the SEC, its total expenses to date regarding that cyberattack have reached $12 million - so far.
Rackspace ultimately blamed the Play crew for the intrusion, and said the miscreants broke in after exploiting CVE-2022-41080, a critical Exchange privilege escalation bug, before Microsoft could issue a fix.
In its most recent 10-Q quarterly report to the SEC, Rackspace said it racked up $5.1 million in ransomware-related expenses between April and September 30, 2023.
Rackspace declined to comment on its ransomware-related losses and legal battles.
"Rackspace Technology does not disclose any information regarding pending litigation other than what may be required in connection with our SEC filings," a spokesperson told The Register.
In an earlier quarterly expense report, Rackspace told the SEC that it had spent $6.6 million in ransomware-related costs.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/11/16/rackspace_ransomware_costs/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-09 | CVE-2022-41080 | Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019 Microsoft Exchange Server Elevation of Privilege Vulnerability | 8.8 |