Security Experts:

Connect with us

Hi, what are you looking for?



Rackspace Hit With Lawsuits Over Ransomware Attack

At least two lawsuits have been filed against Texas-based cloud company Rackspace over the recently disclosed ransomware attack.

At least two lawsuits have been filed against Texas-based cloud company Rackspace over the recently disclosed ransomware attack.

Rackspace’s Hosted Exchange environment started experiencing problems on December 2. The firm revealed one day later that it was dealing with a security incident that forced it to shut down its hosted Microsoft Exchange service.

Shortly after, it confirmed that the incident was a ransomware attack, but it did not provide any details. It’s unclear which ransomware group is behind the attack, whether any customer or other data has been compromised, or if Rackspace plans on paying a ransom.

On Thursday, Rackspace warned customers that scammers and other cybercriminals — other than the ones behind the attack — might be trying to take advantage of the incident. Customers have been warned that they might receive malicious emails, or phone calls designed to trick them into handing over their information.

In the meantime, at least two class action lawsuits have been filed against the company over the incident.

While Rackspace has not confirmed that any data has been compromised, California-based law firm Cole & Van Note has filed a lawsuit that describes the incident as a data breach. The lawsuit (Stephenson, et al. v. Rackspace Technology, Inc.) has been filed in the Western District of Texas.

“Despite hundreds of data breaches every year in this country, I am receiving reports of vulnerabilities in Rackspace’s hosting environment that go back over a year. That, and a seeming lack of backup protocols is why a lawsuit like this is critical,” said Scott Cole, the principal attorney on the case.

A separate class action was filed in the Western District of Texas by Chris Ondo, accusing the company of failing to protect customer data and poor communication with customers regarding the incident. The lawsuit seeks more than $5 million in damages.

Rackspace shares plunged after the cybersecurity incident came to light.

Until the Hosted Exchange environment is fully restored, impacted customers have been provided alternatives. However, the company admitted last week that the Hosted Exchange business, which generates roughly $30 million per year, could lose revenue due to the ransomware attack.

Related: SolarWinds Agrees to Pay $26 Million to Settle Shareholder Lawsuit Over Data Breach

Related: Class Action Lawsuit Filed Against Oracle Over Data Collection Practices

Related: US States Announce $16M Settlement With Experian, T-Mobile Over Data Breaches

Related: Samsung Sued Over Recent Data Breaches

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...