Rackspace Rocked By Security Incident

Some of Rackspace’s hosted Microsoft Exchange services have been taken down by what the company has described as a “security incident”.

The company’s most recent incident report at the time of writing, time-stamped 01:57 Eastern Time on December 3rd, offers the following information.

“On Friday, Dec 2, 2022, we became aware of an issue impacting our Hosted Exchange environment. We proactively powered down and disconnected the Hosted Exchange environment while we triaged to understand the extent and the severity of the impact. After further analysis, we have determined that this is a security incident.”

The incident is further described as “isolated to a portion of our Hosted Exchange platform”

Rackspace has no idea when it will be able to restore its service to those impacted by the security incident.

“We are actively working with our support teams and anticipate our work may take several days,” its status page advises.

The incident manifested as what Rackspace described as “connectivity and login issues.

An update time-stamped 08:19PM Eastern Time on December 2nd went a little further, describing it as “a significant failure in our Hosted Exchange environment.”

But no information about the cause of the incident is available at this time, however the combination of an outage and a lengthy restoration process suggest ransomware could well be a factor.

Rackspace has offered impacted customers free access to Microsoft Exchange Plan 1 licenses on Microsoft 365 for the duration of the incident and shared instructions on how to get that up and running. The instructions suggest the work to get it running will take 30 minutes to an hour.

Which won’t ruin weekends for the IT pros asked to get the job done, although Rackspace has warned that preserving data will be tricky for those with hybrid environments. What happens for pure-play hosted Exchange is not addressed in the status document.

So even if companies can make the move, Monday could be interesting at as the move to Microsoft 365 means mail will flow but likely means archives won’t be available. Good luck making Monday morning meetings or accessing email archives, Exchange-on-Rackspace customers.

Rackspace’s business is predicated on provision of secure and resilient services, so this incident is likely to go down very badly with customers as Exchange typically stores lots of sensitive data, and messaging and calendaring are core business functions.

If the incident spreads beyond hosted Exchange, their anger will be even stronger, as Rackspace host many mission-critical applications and vital data.

If you know more about this incident or you are one of the organisations impacted by it, let us know! ®

READ MORE HERE