Play ransomware gang behind Rackspace attack

Texas Public Radio reports that the Play ransomware gang has been noted by Rackspace to be the perpetrators of an attack against its Hosted Exchange platform in early December. Tens of thousands of users were unable to access their emails because of the attack, which also led to multiple class-action lawsuits against Rackspace that accused them of failing to secure its systems and user data, and failing to immediately inform customers about the security breach. A previously unknown zero-day exploit was used to access the company's systems, according to an investigation by cybersecurity firm CrowdStrike. A Rackspace spokesperson said more information about the attack will be released in the coming week and also confirmed that some users who had recovered more than 50% of their inboxes were able to begin downloading their data. Although no details about how much user data could be recovered, the spokesperson said the company expects to retrieve data for the majority of its users.