2022-12-06 Rackspace Technology, Inc. Cybersecurity Incident

Page last updated on April 11, 2024

Rackspace Technology, Inc. initially disclosed a cybersecurity incident in an SEC 8-K filing on 2022-12-06 08:30:33 EST.

Incident Details

Material: Unknown
Is Breach: Unknown
Records Compromised: Unknown
Data Types Impacted: No Data Types Tracked (yet)

Compromised Date:
Detected Date:
Disclosure Date: 2022-12-02
Contained Date:
Recovered Date:

Attack Goal: Unknown

Costs: No Costs Tracked (yet)

Filings

8-K filed on 2022-12-06

Rackspace Technology, Inc. filed an 8-K at 2022-12-06 08:30:33 EST
Accession Number: 0001193125-22-298940

Item 7.01 Regulation FD Disclosure.

On December 6, 2022, Rackspace Technology, Inc. (the “Company”) announced a ransomware incident affecting our Hosted Exchange environment, which is causing service disruptions for our Hosted Exchange customers. Alongside our internal security team, we have engaged a leading cyber defense firm to investigate. Immediately upon detecting the incident, we took proactive measures to isolate the Hosted Exchange environment to contain the incident.

Based on the investigation to date, the Company believes that this incident was isolated to our Hosted Exchange business. The Company’s other products and services are fully operational, and we have not experienced an impact to our Rackspace Email product line and platform. Out of an abundance of caution, we have put additional security measures in place and will continue to actively monitor for any suspicious activity.

The Company is in ongoing communication with Hosted Exchange customers to help them migrate to a new environment as quickly as possible. Rackspace has surged support staff and will be taking additional steps to help guide customers through this process in order to limit the impact to their own operations. Although we are in the early stages of assessing this incident, the incident has caused and may continue to cause an interruption in our Hosted Exchange business and may result in a loss of revenue for the Hosted Exchange business, which generates approximately $30 million of annual revenue in our Apps & Cross Platform segment. In addition, the Company may have incremental costs associated with its response to the incident.

The Company continues to investigate the incident. Beginning on December 2, 2022, the Company issued service announcements on its website with details relating to the foregoing incident, and will continue to post updates on its website as warranted.

The information in this Current Report on Form 8-K shall not be deemed “filed” for purposes of Section 18 of the Securities Exchange Act of 1934 (the “Exchange Act”), or otherwise subject to the liabilities of that section, nor shall it be deemed incorporated by reference in any filing under the Securities Act of 1933 or the Exchange Act, except as expressly set forth by specific reference in such a filing.

8-K filed on 2022-12-09

Rackspace Technology, Inc. filed an 8-K at 2022-12-09 08:29:32 EST
Accession Number: 0001193125-22-301429

Item 7.01 Regulation FD Disclosure.

On December 9, 2022, Rackspace Technology, Inc. (the “Company”) issued an update following the recent ransomware incident affecting its Hosted Exchange email business, a managed email solution provided to small and medium businesses. Following the discovery of the incident, Rackspace engaged industry-leading global cybersecurity firm CrowdStrike to help investigate and remediate. Due to swift action on the Company’s part in disconnecting its network and following its incident response plans, CrowdStrike has confirmed the incident was quickly contained and limited solely to the Hosted Exchange Email business.

The Hosted Exchange Email business represents approximately 1% of Rackspace’s total annual revenue and is comprised of primarily small and medium businesses who solely use this product. No other Rackspace products, platforms, solutions, or businesses were affected or are experiencing downtime due to this incident.

Rackspace is actively transitioning the affected customers to the more modern Microsoft Office 365 - with many having already successfully completed the migration. Rackspace is working diligently and expeditiously with the goal of getting all customers back up and running. The Company is making all of its resources available to provide support to those remaining customers, including additional surge staff and a Microsoft Fast Track team who has deployed to supplement the Rackspace workforce.

“Our Information Security team had strong incident response protocols in place that led to the quick containment of the ransomware attack. We invest time and resources in cybersecurity - we take our processes and procedures very seriously around cyber threats. This is why other parts of our business and the vast majority of our customers were not affected in any way by the incident and remain secure and fully operational,” said Josh Prewitt, Rackspace Chief Product Officer.

Rackspace continues to make significant progress in its investigation into the incident. The Company’s investigation is also focused on understanding root cause and implementing additional security measures to defend against future cyber threats. Rackspace will share additional updates on these measures with customers as appropriate.

“We are a customer-first organization and sincerely apologize for the disruption this incident has caused those customers who utilize our Hosted Exchange email services,” Prewitt continued. “We have prioritized getting our customers back on email and have surged our staff and been working around the clock to support them in this transition. We have made significant progress getting customers back on email and will continue to focus our efforts to support customers and get them on email as soon as possible. We are continuing to work on data recovery, which we know is very important to our customers. Rackspace understands the importance of addressing this incident and we’ve prioritized communication with customers, exploring every potential avenue to reach them, share the information that is known, and most importantly, get them access to email.”

Rackspace maintains cybersecurity insurance commensurate with the size of its business, and is confident in its ability to absorb potential financial costs associated with the incident and fulfill its obligations to other customers.

The information in this Current Report on Form 8-K shall not be deemed “filed” for purposes of Section 18 of the Securities Exchange Act of 1934 (the “Exchange Act”), or otherwise subject to the liabilities of that section, nor shall it be deemed incorporated by reference in any filing under the Securities Act of 1933 or the Exchange Act, except as expressly set forth by specific reference in such a filing.

Company Information