Security News

Rackspace monitoring data stolen in ScienceLogic zero-day attack
2024-10-01 19:30

Cloud hosting provider Rackspace suffered a data breach exposing "limited" customer monitoring data after threat actors exploited a zero-day vulnerability in a third-party tool used by the...

Rackspace internal monitoring web servers hit by zero-day
2024-09-30 23:08

Intruders accessed machines via tool bundled with ScienceLogic, 'limited' info taken, customers told not to worry Exclusive Rackspace has told customers intruders exploited a zero-day bug in a...

How much to clean up a ransomware infection? For Rackspace, about $11M
2023-11-16 21:23

Rackspace's costs from last year's ransomware infection continue to mount. In its most recent 10-Q quarterly report to the SEC, Rackspace said it racked up $5 million in ransomware-related expenses in the year to September 30, 2023.

Rackspace racks up $12M bill in ransomware raid recovery
2023-11-16 21:23

Rackspace's costs from last year's ransomware infection continue to mount: the cloud hosting biz told America's financial watchdog, the SEC, its total expenses to date regarding that cyberattack have reached $12 million - so far. Rackspace ultimately blamed the Play crew for the intrusion, and said the miscreants broke in after exploiting CVE-2022-41080, a critical Exchange privilege escalation bug, before Microsoft could issue a fix.

Lessons Learned on Ransomware Prevention from the Rackspace Attack
2023-02-08 15:04

The ransomware attack on Rackspace has taught us the importance of good cybersecurity habits. Rackspace took to social media on December 6, 2022, posting on Twitter that the outage resulted from a ransomware attack.

Rackspace ransomware attack was executed by using previously unknown security exploit
2023-01-09 13:47

The MS Exchange exploit chain recently revealed by Crowdstrike researchers is how the Play ransomware gang breached the Rackspace Hosted Exchange email environment, the company confirmed last week. "We will be sharing more detailed information with our customers and peers in the security community so that, collectively, we can all better defend against these types of exploits in the future," Rackspace noted in its final update on the concluded forensic investigation.

Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach
2023-01-06 09:01

Cloud services provider Rackspace on Thursday confirmed that the ransomware gang known as Play was responsible for last month's breach. The security incident, which took place on December 2, 2022, leveraged a previously unknown security exploit to gain initial access to the Rackspace Hosted Exchange email environment.

Rackspace blames ransomware woes on zero-day attack
2023-01-05 23:40

Rackspace has confirmed the Play ransomware gang was behind last month's hacking and said it won't bring back its hosted Microsoft Exchange email service, as it continues working to recover customers' email data lost in the December 2 ransomware attack. Rackspace said "More than half" of its customers who lost their hosted email service last month now have "Some or all of their data available to them for download," in its latest and final status update, posted today.

Rackspace: Customer email data accessed in ransomware attack
2023-01-05 22:58

"Of the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat actor accessed a Personal Storage Table of 27 Hosted Exchange customers," Rackspace said in an incident report update shared with BleepingComputer in advance. "Customers who were not contacted directly by the Rackspace team can be assured that their PST data was not accessed by the threat actor."

Rackspace confirms Play ransomware was behind recent cyberattack
2023-01-04 22:21

Texas-based cloud computing provider Rackspace has confirmed that the Play ransomware operation was behind a recent cyberattack that took down the company's hosted Microsoft Exchange environments. While Crowdstrike didn't name the victim in their report, Rackspace officials have revealed in recent local media interviews and emails to BleepingComputer that the OWASSRF exploit was found on its network and Play ransomware was behind last month's ransomware attack.