Cloud computing giant Rackspace has confirmed hackers accessed customer data during last month’s ransomware attack.
The attack, which Rackspace first confirmed on December 6, impacted the company’s hosted Exchange email environment, forcing the web giant to shut down the hosted email service following the incident. At the time, Rackspace said it was unaware “what, if any, data was affected.”
In its latest incident response update published on Friday, Rackspace admitted that the hackers gained access to the personal data of 27 customers. Rackspace said the hackers accessed PST files, typically used to store backup and archived copies of emails, calendar events and contacts from Exchange accounts and email inboxes.
Rackspace said about 30,000 customers used its hosted Exchange service — which it will now discontinue — at the time of the ransomware attack.
“We have already communicated our findings to these customers proactively, and importantly, according to Crowdstrike, there is no evidence that the threat actor actually viewed, obtained, misused, or disseminated any of the 27 Hosted Exchange customers’ emails or data in the PSTs in any way,” said Rackspace. The company added that customers that haven’t been contacted directly can “be assured” that their data was not accessed by attackers.
Rackspace attributed the breach to the Play ransomware group, a relatively new gang that recently claimed attacks on the Belgian port city of Antwerp and the H-Hotels hospitality chain. Rackspace’s stolen data is not currently listed on the ransomware group’s leak site, and it’s unclear if Rackspace has paid a ransom demand.
According to the incident report update, Play threat actors gained access to Rackspace’s networks by exploiting CVE-2022-41080, a zero-day flaw patched by Microsoft in November that has been linked to previous ransomware incidents.
- Mobile Money transactions in only 2 months of 2023 hit ¢264.1bn
- We would all have sworn to Antoa if my dad was alive – Zanetor Rawlings
- Kamala Harris urges Ghana’s creditors to help meet debt obligation amid IMF talks
- Speculation that NDC imposed its decision on Minority Caucus is untrue – Sammy Gyamfi
- Popular American filmmaker Spike Lee is in Ghana
- T-Bills auction: sales undersubscribed by 23%; interest rates remain stable
- BoG increases policy rate to 29.5%; loans to remain expensive
- We’re committed to helping Ghana resolve current economic crisis – China assures
- Ghana records $752.8m trade surplus in first 2 months of 2023
- I don’t know – Akufo-Addo on presence or otherwise of Al-Qaeda troops in Ghana
- Kamala Harris features Black Sherif, Amaarae on Spotify playlist
- Kwaebibirem United FC to raise funds to support operation of the club
- 9-year-old Fotocopy makes history with two concerts in a day
- Ivy Setordjie: Drinking to a warming globe – Part 1
- World Theater Day: Stakeholders urged to commit more resources to industry
- I was sexually harassed on a bus – Ernest Opoku reveals
- Reports that banks are facing insolvency risk over DDE malicious – Ghana Association of Banks
- Re: Banks facing insolvency risks on debt exchange programme
- AFCON 2023Q: Osman Bukari salvages point for Black Stars against Angola
- Substantial elements of Anti-LGBTQ bill have been modified – Akufo-Addo
- Free SHS: Holistic approach to teaching and learning needed to sustain quality
- US commits $100m to help combat terrorism in coastal West Africa
- Ghana’s IMF programme: Paris Club, China, other creditors agree to form OCC
- Meet Jon Boafo, Ghana’s first international rower: A story of perseverance and dedication
- Economic activity contracts but consumer confidence improves – BoG