Rackspace Faces Massive Cleanup Costs After Ransomware Attack

After being hit with a ransomware attack at the end of 2022, Rackspace is now faced with fronting the cost of the cleanup, as well as legal fees, which at present have amounted to $10.8 million. 

The attack, which occurred in December 2022, disrupted email service for thousands of the customers of the managed cloud hosting services company, which are mostly small-to-midsize businesses. The ransomware attack came in the form of a zero-day exploit against a server-side request forgery vulnerability within the Microsoft Exchange server at the hands of Play ransomware group. The vulnerability — known as CVE-2022-41080 — was patched by Microsoft a month before the attack.

In a US filing, the company noted how the expenditures largely go to "costs to investigate and remediate, legal and other professional services, and supplemental staff resources that were deployed to provide support to customers." 

In addition to those costs, Rackspace has been named in multiple lawsuits due to the ransomware attack, many of which are seeking compensation via monetary funds, among other things. 

Rackspace expects a significant amount of the costs to be reimbursed by cyber-insurance companies. It has not noted whether or not it paid the initial ransom request.