Rackspace Hosted Exchange email service hit by ransomware attack

Rackspace appears to have suffered a security issue related to their Hosted Exchange mailbox environment, starting on December 2nd. You can find more information here, here and here.

From what I can tell, their Hosted Exchange systems make up only a small portion of the overall mailbox provider infrastructure hosted by Rackspace. Doing a quick check against the top 10 million domains suggests that the vast majority of mail traffic to Rackspace is handled by their non-Exchange infrastructure. Less than 1% of the Rackspace-hosted domains in the top 10 million domains point at the affected Exchange services. Rackspace's MX records typically look like mx*.emailsrvr.com for non-Exchange-using domains, and mex*.emailsrvr.com for Hosted Exchange infrastructure-using customers.

Sender impact is thus likely to be small -- you'll see a bit of bouncing at a handful of affected domains, as they're not able to accept mail at this time. If you're a mail/IT admin at an affected domain, Rackspace has indicated that they are helping affected customers move to Microsoft 365, Microsoft's cloud-based email (and office suite) solution.

Post a Comment