Developers: | Rackspace |
Branches: | Internet services |
2023: Closure of mail service after cyber attack
In early January 2023, the reasons for the large-scale failure affecting the systems of Rackspace Technology, which provides cloud services, were announced. The incident led to the disconnection of the Rackspace Hosted Exchange mail service - the provider does not intend to restore its functioning, so it asks users to switch to other projects.
Problems in the operation of the Rackspace platform arose in early December 2022. The reason was the attack. programs extortioners The numerous failures that followed led to the unavailability of a number of services, including. At Exchange the time, Rackspace said it did not know "what data was affected." However, the company later admitted that at cybercriminals least 27 customers had stolen personal information.
According to Rackspace, the Play ransomware group is behind the hack. To organize the attack, the attackers used a zero-day exploit aimed at a vulnerability that Microsoft described in the CVE-2022-41080 security bulletin. Initially, it was assumed that this hole gives hackers the opportunity to raise the level of privilege in the victim's system. However, it later turned out that remote execution of arbitrary program code is also allowed. This is exactly what cybercriminals took advantage of.
Tens of thousands of users were affected by the attack. The consequences of the hack turned out to be so serious that Rackspace decided to put an end to the Microsoft Exchange service. According to Richard Yoo, co-founder and former CEO of Rackspace, the company is actually on the verge of death. He notes that business plan changes, personnel reshuffles, financial losses, staff cuts, and finally, the ransomware attack effectively destroyed the hosting provider's reputation, turning it into a midsize business as usual.[1]