(817) 767-9400 info@novusitinc.com

The Financial Impact of Rackspace Ransomware Attack

The Rackspace ransomware attack continues to have significant financial repercussions for the cloud hosting company. According to recent filings with the U.S. Securities and Exchange Commission (SEC), the total costs related to this ransomware infection have escalated to approximately $11 million, with insurance covering about half of these expenses.

Rackspace Ransomware Attack: Initial Impact and Response

Initially referred to as a “security incident,” the Rackspace ransomware attack notably disrupted hosted Microsoft Exchange services on December 2, 2022. This incident primarily affected small and mid-sized businesses, causing an email service outage that persisted into January. Rackspace later identified the attack as a ransomware infection, attributing it to the Play crew who exploited a critical Exchange privilege escalation bug, CVE-2022-41080, before Microsoft could release a patch.

Financial Toll of the Rackspace Ransomware Attack

Rackspace reported in its 10-Q quarterly report to the SEC that it incurred $5 million in costs related to the ransomware attack in the year ending September 30, 2023. These expenses encompassed investigation, remediation, legal fees, and other costs associated with resolving the security breach.

Insurance Payouts and Ongoing Expenses

During the same nine-month period, Rackspace received $5.4 million in insurance payouts to partially offset the ransomware-related costs. Including the $5.9 million spent in the aftermath of the attack reported last year, the total expenditure to date amounts to $10.9 million, alleviated by the insurance proceeds.

Potential Additional Costs from Ongoing Lawsuits

Rackspace faces several lawsuits in connection with the December 2022 Rackspace ransomware attack, which disrupted their Hosted Exchange email business. The lawsuits, seeking compensatory and equitable relief, represent a potential increase in financial liabilities for Rackspace, though the outcome and possible losses remain uncertain at this stage.

Rackspace’s Stance on Legal Matters and Losses

Rackspace has refrained from publicly commenting on the specific details of its ongoing legal issues and the financial losses stemming from the Rackspace ransomware attack, adhering to their policy of limiting disclosures to what is required in SEC filings.

Navigating the Aftermath of the Rackspace Ransomware Attack

The Rackspace ransomware attack highlights the enduring and multifaceted impact such cybersecurity incidents can have on businesses. As Rackspace continues to navigate the financial and legal challenges post-attack, the situation underscores the importance of robust cybersecurity measures and preparedness for potential legal ramifications.