Thousands of businesses have been left without access to email following a “security incident” at multi-cloud provider Rackspace which has impacted its hosted Microsoft Exchange environment. Though some servers are back online, the company says problems could continue for several days.
Rackspace spotted the issue on Friday and says it took immediate action to disable systems while it launched an investigation. “We proactively powered down and disconnected the Hosted Exchange environment while we triaged to understand the extent and the severity of the impact,” the company said in a post to its service status page. “After further analysis, we have determined that this is a security incident.”
Rackspace Exchange servers offline: workaround suggested
The situation has continued into this week, though an update posted earlier today says some services are coming back online for “thousands” of customers.
The company has not released any information about what has caused the incident, and has advised its customers to sign up to an alternative email service, such as Microsoft’s cloud-based Office365, in the interim.
This may prove challenging for businesses with hybrid working set-ups, as all mailboxes must be moved to Office365 for “message flow to work properly,” Rackspace says, adding that “self migration can be a challenge”.
Such suggestions are unlikely to be welcomed by IT teams whose companies use Rackspace. “Your account administrator will need to manually set up each individual user on your account,” the Rackspace advisory continues. “Once your users have been set up and all appropriate DNS records are configured, their email access will be reactivated, and they will start receiving emails and can send emails. Please note, that DNS changes take approximately 30 minutes to provision and in rare cases can take up to 24 hours.”
Rackspace customers not pleased after security incident
Many customers have taken to Twitter to express exasperation at Rackspace’s support for affected users. Entrepreneur Amy Holden described the situation as “almost as stressful as the first days of [Covid-19] lockdown”. Holden said she believes her business bank account details may have been exposed in the incident, but this is currently unconfirmed.
Beware @Rackspace users affected by the exchange server breech. This morning a direct debit was presented to our company account by a company we have never heard of. We believe they may have got our bank account data from my emails and are spamming debits. #beware #rackspace
— Amy Holden BSc (hons) Psych. MBPS. (@amyworldalive) December 5, 2022
Tech Monitor has contacted Rackspace to ask whether any customer details or other data has been compromised as part of the incident, and how many users are impacted, but had not received a response at the time of publication.
Another customer, Jessica Jonap criticised the company’s response to the outage.
Texas-based Rackspace works with businesses around the world, and employs more than 6,000 people. It reported revenue of just over $3bn in 2021.