1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Rackspace confirms customer data was hit in ransomware attack

    From TechnologyDaily@1337:1/100 to All on Fri Jan 6 16:00:03 2023
    Rackspace confirms customer data was hit in ransomware attack

    Date:
    Fri, 06 Jan 2023 15:43:12 +0000

    Description:
    Dozens of Rackspace customers had their data accessed, but there's no
    evidence of it being abused yet.

    FULL STORY ======================================================================

    The hackers that attacked Rackspace in December 2022 did manage to access personally identifiable information on roughly two dozen customers, the company has confirmed following the forensic analysis of the event.

    Fortunately, there is no evidence that the data obtained during the attack
    was abused, it added.

    In December last year, ransomware operators using the Play malware variant targeted Rackspace, taking down its hosted Microsoft Exchange environment. Migrating to Microsoft 365

    Initially, the company reported of a significant failure in its Hosted exchange environment, also adding that the problem was isolated to a portion of our Hosted Exchange platform. The issues manifested themselves as connectivity and login issues, and took most of the weekend to address.

    After restoring its services, Rackspace employed cybersecurity experts Crowdstrike to lead the forensic analysis, which determined that the
    attackers accessed some of its customers Personal Storage Table (PST) files, holding information such as emails, calendar data, contacts, and tasks.

    In total, 27 customers have had their data accessed:

    "Of the nearly 30,000 customers on the Hosted Exchange email environment at the time of the attack, the forensic investigation determined the threat
    actor accessed a Personal Storage Table ('PST') of 27 Hosted Exchange customers," a Rackspace incident report read.

    "We have already communicated our findings to these customers proactively,
    and importantly, according to Crowdstrike, there is no evidence that the threat actor actually viewed, obtained, misused, or disseminated any of the
    27 Hosted Exchange customers' emails or data in the PSTs in any way."

    "Customers who were not contacted directly by the Rackspace team can be assured that their PST data was not accessed by the threat actor." Read more

    Rackspace confirms "security incident" across some of its servers


    Rackspace customers are still being affected by Microsoft Exchange issue


    These are the best malware protection solutions today

    Going forward, Rackspace will be discontinuing its Hosted Exchange
    environment and migrating customers to Microsoft 365. Apparently, that was always the plan, even before the incident.

    "Finally, the Hosted Exchange email environment will not be rebuilt as a go-forward service offering," Rackspace said.

    "Even prior to the recent security incident, the Hosted Exchange email environment had already been planned for migration to Microsoft 365, which
    has a more flexible pricing model, as well as more modern features and functionality." Check out the best firewalls around

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/rackspace-confirms-customer-data-was-hit-in-ran somware-attack


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)