Problems began to arise on Friday, December 2, when the company announced that it had taken the Hosted Exchange service offline following a “security incident”.
In a Tuesday update, the company admitted a ransomware attack was the cause.
“As you are aware, on Friday, December 2, 2022, we became aware of suspicious activity and immediately took proactive measures to isolate the Hosted Exchange environment to contain the incident,” the company said.
“We have since determined that this suspicious activity was the result of a ransomware incident.”
The investigation – conducted jointly by a cyber defense firm and Rackspace’s internal security team – is still in its early stages, and there is no information on “what data, if any, was affected”.
The company has assured its customers that it will notify them if it finds evidence that the attackers have gained access to sensitive data.
All other Rackspace products and services, including its product line and messaging platform, are fully operational; the attack appears to have been limited to Hosted Exchange.
Rackspace’s Hosted Exchange business, which generates around $30 million in annual revenue, could suffer a loss of revenue as a direct result of the event, and Rackspace will likely have to spend more money to fix the problem.
The outage still affects all services that are part of the Hosted Exchange environment. These include MAPI/RPC, POP, IMAP, SMTP, and ActiveSync, in addition to the Outlook Web Access interface, which gives users access to online email management.
Rackspace makes resources available to its customers to facilitate the migration of their user accounts and domains to Microsoft 365.
“We strive to provide customers with inbox archives when available, for possible import into Microsoft 365.”
The firm says it is currently unable to provide a date for restoring the Hosted Exchange environment.
“We understand the frustration this situation has caused our customers and are doing everything we can to support them.”
Rackspace says it has increased the number of support staff available to help customers and says it will take additional steps to help them, to reduce disruption to operations.