Security incident disrupts Rackspace’s Exchange environments

BleepingComputer reports that U.S. cloud computing firm Rackspace Technology was impacted by a security incident that prompted an outage of its hosted Microsoft Exchange environments, which may have affected thousands of customers. Rackspace announced that its Outlook Web Access interface, ActiveSync, SMTP, IMAP, POP, and MAPI/RPC have been disrupted by the security incident impacting its Hosted Exchange Platform alone. "We proactively powered down and disconnected the Hosted Exchange environment while we triaged to understand the extent and the severity of the impact," said Rackspace. Clients hit by the outage have already been given Microsoft Exchange Plan 1 licenses, as well as instructions on email migration to Microsoft 365, according to Rackspace Head of Global Public Relations Natalie Silva. Rackspace's Microsoft Exchange server may have been compromised using the ProxyNotShell vulnerability, which was patched last month, said cybersecurity expert Kevin Beaumont, who noted that one of the firm's servers was running on a build linked with the August patch level.