Rackspace urged customers to be on the lookout for potential security scams following a recent ransomware attack on the company.
Earlier this month, Rackspace became aware of an issue where some users were experiencing connectivity errors when accessing the Outlook web app and syncing their email clients, prompting it to be seen offering free Microsoft 365 licenses. Exchange Plan 1 to affected users until resolved. certain. Now warns exposed users of potential phishing attacks.
Following an investigation, the company announced that it had added a "leading cyber defense company" to its internal security team to expedite investigations, before informing users that it was indeed a ransomware attack.
Rackspace Phishing Scam
Rackspace promises to migrate more than two-thirds of its customers to Microsoft 365 and has even set up dedicated phone lines to respond to transition issues or inquiries.
In the meantime, this is an ongoing case and updates are posted regularly on the incident web page (opens in a new tab). Updates like warning that this potential pain point presents an opportunity for phishers and scammers to take advantage of, urge customers to be diligent.
His team of assistants, known as Rackers, continue to actively reach out to customers to help them maintain access to their web services from email addresses associated with the company's domain (@rackspace.com), emphasizing that phone consultants they will not request login credentials or personally identifiable information, such as social security numbers.
It also highlights the importance of the language used: words like “urgent” should sound the alarm. In the interest of security, many may want to consider additional protection against identity theft.
A message in the company's update thread reads:
“If you get a message from someone you don't recognize, don't reply. Log in to your control panel and create a ticket that includes the details of the message you received. »
At this time, the company has yet to release an update on user data, which may have been breached and/or leaked. One statement reads as follows:
"...it is too early to say what, if any, data has been affected. If we determine that sensitive information has been affected, we will notify customers accordingly.
"Out of an abundance of caution, we have implemented additional security measures and will continue to actively monitor suspicious activity."