How much to clean up a ransomware infection? For Rackspace, about $11M
And that's not counting the incoming lawsuits. Thank goodness for insurance, eh?
Rackspace's costs from last year's ransomware infection continue to mount. The cloud hosting biz has told America's financial watchdog, the SEC, its total expenses to date regarding that cyberattack have now reached about $11 million, though insurance has helped cover half of that.
The extortionware raid on the IT provider, initially described as a "security incident," hit Rackspace's hosted Microsoft Exchange on December 2, 2022, shutting down email services to thousands of customers, most of whom were small and mid-sized businesses.
Four days later, the corporation determined that a ransomware infection was responsible for the email meltdown, which lasted into January. Rackspace ultimately blamed the Play crew for the intrusion, and said the miscreants broke in after exploiting CVE-2022-41080, a critical Exchange privilege escalation bug, before Microsoft could issue a fix.
In its most recent 10-Q quarterly report to the SEC, Rackspace said it racked up $5 million in ransomware-related expenses in the year to September 30, 2023. These costs included investigation, remediation, legal, and other expenses tied to the security snafu.
Also during this nine-month period, Rackspace received $5.4 million in insurance payouts.
In a quarterly report at the end of last year, Rackspace told the securities regulator it had spent $5.9 million in ransomware-related costs. That means the total spent to date is $10.9 million, offset naturally by those insurance proceeds.
- Rackspace blames ransomware woes on zero-day attack
- Being one of the 1% sucks if you're a Rackspace user
- BlackCat plays with malvertising traps to lure corporate victims
- Clorox CISO flushes self after multimillion-dollar cyberattack
However, per the 10-Q, the ongoing lawsuits filed in response to the email disruption may mean an even bigger financial hit:
We are named in several lawsuits in connection with the December 2022 ransomware incident which caused service disruptions on our Hosted Exchange email business. The pending lawsuits seek, among other things, equitable and compensatory relief…at this early stage in the proceedings, we are not able to determine the probability of the outcome of these matters or a range of reasonably expected losses, if any.
Rackspace declined to comment on its ransomware-related losses and legal battles.
"Rackspace Technology does not disclose any information regarding pending litigation other than what may be required in connection with our SEC filings," a spokesperson told The Register. ®
Editor's note: This article was revised after publication to clarify Rackspace recorded $10.9 million in cyberattack-related expenses to date, not $11.7 million as first incorrectly calculated by us from its SEC filings. Though we regret the error, we are happy to make this correction. Spokespeople for Rackspace also got in touch to emphasize that that figure will be and has been reduced by insurance payments.