Cloud computing giant Rackspace has confirmed hackers accessed customer data during last month’s ransomware attack.
The attack, which Rackspace first confirmed on December 6, impacted the company’s hosted Exchange email environment, forcing the web giant to shut down the hosted email service following the incident. At the time, Rackspace said it was unaware “what, if any, data was affected.”
In its latest incident response update published on Friday, Rackspace admitted that the hackers gained access to the personal data of 27 customers. Rackspace said the hackers accessed PST files, typically used to store backup and archived copies of emails, calendar events and contacts from Exchange accounts and email inboxes.
Rackspace said about 30,000 customers used its hosted Exchange service — which it will now discontinue — at the time of the ransomware attack.
“We have already communicated our findings to these customers proactively, and importantly, according to Crowdstrike, there is no evidence that the threat actor actually viewed, obtained, misused, or disseminated any of the 27 Hosted Exchange customers’ emails or data in the PSTs in any way,” said Rackspace. The company added that customers that haven’t been contacted directly can “be assured” that their data was not accessed by attackers.
Rackspace attributed the breach to the Play ransomware group, a relatively new gang that recently claimed attacks on the Belgian port city of Antwerp and the H-Hotels hospitality chain. Rackspace’s stolen data is not currently listed on the ransomware group’s leak site, and it’s unclear if Rackspace has paid a ransom demand.
According to the incident report update, Play threat actors gained access to Rackspace’s networks by exploiting CVE-2022-41080, a zero-day flaw patched by Microsoft in November that has been linked to previous ransomware incidents.
Latest Stories
-
MPs’ Repeated Attempts to Sue the Speaker: Unintended Consequences for the 2024 Elections?
52 seconds -
Today’s front pages: Tuesday, November 5, 2024
11 mins -
Galamsey: Investigation into attack on Joy News’ Erastus Asare and colleagues already growing cold
42 mins -
Mahama promises construction of stadia in all 16 regions if elected
60 mins -
Dampare has transformed Police training school – Bawumia
1 hour -
America braced as two stark visions collide on election day
1 hour -
NAPO urges Ghanaians to support NPP’s vision for national development
1 hour -
About 95% of PWDs in Obuasi have source of livelihood – MCE
1 hour -
Immigration Service intercepts 54 gallons of fuel
2 hours -
Election 2024: Roman Fada selected as flagbearer for Ghana Freedom Party
2 hours -
Bawumia to launch Ghana’s credit scoring system on Nov. 7
2 hours -
Alan to combat galamsey with strategic youth-centred business model
2 hours -
Agona Swedru chiefs commit to ending child marriage within their jurisdiction
2 hours -
Sunyani Traditional Council endorses Bawumia – NAPO government
2 hours -
Adutwum defends double track in Free SHS, citing research and positive outcomes
2 hours