The "security incident" previously reported by Rackspace (opens in a new tab) has now been confirmed to be a ransomware breach that affected its Hosted Exchange solution.
As a precaution, Rackspace has isolated its Hosted Exchange offering in an effort to contain the incident and is in communication with customers to help them migrate to a new environment.
The issue was discovered on December 2, 2022, at which time Rackspace says its internal security team is getting help from a cyber defense company to investigate.
Security breach partially resolved
Based on the investigation to date, Rackspace asserts that this incident has been isolated from its Hosted Exchange business and all of its other products and services are fully operational. The company added that it had no impact on its messaging services (opens in a new tab) and platform.
“The latest Rackspace outage shows us that bigger doesn't always equal better when it comes to cloud services. However, many users still subscribe to this myth, with name recognition and scale helping to present Big Tech cloud providers as infallible,” said Mark Boost, CEO of Civo.
“However, the latest large-scale cloud outage once again refutes that view. Hyperscalers have a large number of endpoints that can lead to a security vulnerability. On top of that, its size means there are a large number of moving parts, adding unnecessary layers of complexity that increase the risk of non-compliance or failure.
In a blog post (opens in a new tab), Rackspace mentions that it has implemented additional security measures and will continue to actively monitor suspicious activity following the ransomware incident.
Rackspace has not ruled out the possibility that this incident will continue to cause disruption to its Hosted Exchange solution and result in lost revenue for the Hosted Exchange business.
Its Hosted Exchange environment currently generates €30 million in annual revenue in the cross-platform and application segment.
The Hosted Exchange environment includes 100 GB mailboxes, real-time Outlook, OWA and mobile sync, as well as anti-spam and anti-virus features.