Rackspace, an American cloud computing company, has confirmed that the Play ransomware gang is responsible for the breach of its systems that happened earlier this month. 

The attack happened on the 2nd of December 2022 when an unauthorised individual gained access to some Rackspace Hosted Exchange email environments.

The Hacker News said, “Rackspace’s forensic investigation found that the threat actor accessed the Personal Storage Table (.PST) of 27 customers out of a total of nearly 30,000 customers on the Hosted Exchange email environment.”

The company also revealed that it had quickly identified the source of the attack and was able to limit its impact. However, they declined to comment on the number of customers affected or if any data had been taken.

Rackspace pointed customers to security supplier CrowdStrike for more information on the exploitation of the flaws, further establishing that the PLAY ransomware group was behind the attack.

PLAY has launched attacks against the H Hotel chain and other organisations throughout the world.

In addition to making the PST files accessible through portals, the company claimed to have alerted clients for whom it had retrieved more than 50% of their emails.

“It’s currently not known if Rackspace paid a ransom to the cybercriminals, but the disclosure follows a report from CrowdStrike last month that shed light on the new technique, dubbed OWASSRF, employed by the Play ransomware actors.

“The mechanism targets Exchange servers that are unpatched against the ProxyNotShell vulnerabilities (CVE-2022-41040 and CVE-2022-41082) but have in place URL rewrite mitigations for the Autodiscover endpoint,” said The Hacker News.

Rackspace has since implemented several measures to strengthen its security and prevent future incidents. This includes enhanced access controls, better monitoring capabilities, and improved employee training. It is also conducting regular internal penetration tests as an additional layer of protection.
