Rackspace Admits Security Incident, Helps Customers Migrate to Microsoft 365 Accounts

Correction: this article has been updated to reflect the fact that Rackspace's Hosted Exchange environment had not been restored at the time of writing.

Cloud company Rackspace has revealed it experienced a cybersecurity incident causing it to temporarily suspend its Hosted Exchange environment.

“On Friday, Dec 2, 2022, we became aware of an issue impacting our Hosted Exchange environment. We proactively powered down and disconnected the Hosted Exchange environment while we triaged to understand the extent and the severity of the impact,” the company wrote on its website on Saturday.

“After further analysis, we have determined that this is a security incident. The known impact is isolated to a portion of our Hosted Exchange platform. We are taking necessary actions to evaluate and protect our environments.”

As the company assessed the extent of the security issue, it revealed it assisted customers in opening replacement Microsoft 365 accounts so they could resume sending and receiving emails.

“At this time, moving to Microsoft 365 is the best solution for customers, and we highly encourage affected customers to move to this platform,” Rackspace wrote on Sunday. “Since our last update, we have been able to successfully restore email services to thousands of customers on Microsoft 365.”

On the same day, the cloud service provider also said customers would implement a temporary solution allowing mail destined for a Hosted Exchange user to be routed to an external email address.

On Monday, the company said is “continue[d] to make progress on restoring email service to every affected customer” by helping them move to Microsoft 365. The migration would also be the best solution for customers who are now also able to implement temporary forwarding.

At the time of writing, it is unclear whether the security accident occurred because of threat actor activity or a system malfunction. Infosecurity has reached out to Rackspace, but the company has answered by simply directing us to the above blog post. The firm's  Hosted Exchange environment reportedly remains offline.

The security incident comes amidst an increase in attacks against cloud firms, with data from Snyk recently suggesting roughly 80% of organizations suffered a “severe” cloud security incident in the past year.

What’s Hot on Infosecurity Magazine?