Rackspace Hosted Exchange down by a security incident

Rackspace Hosted Exchange Outage due to an unknown incident. Rackspace is a cloud services providing IT company based in Windcrest, Texas. On 2 December 2022, all its Hosted Exchange services came down in the morning.

Initially, Rackspace referred to it as a login and connectivity issue. The users were waiting for words from Rackspace officials about the Outage, but they were not responding. Customers reported that the support system is not replying to their emails either.

The updated status was an outrage, but not for any specific reason. Rackspace released the first update on 2 December at 2:49 AM. The update said that they were dealing with an issue that is affecting their Hosted Exchange environment. They will give further details as soon as they are available.

The status updates to connectivity issues soon after.

Next, at 1:54 PM, Rackspace updated its users that are still investigating the issue. The users might experience errors in syncing their email client and Outlook Web App. The issue was still addressed as a “connectivity problem” until 4:51 PM.

The next major update came four hours after; the status updated to a “significant failure”. With this next update, Rackspace came with a relief for the users. They offered free excess to Microsoft Exchange Plan 1 licenses on Microsoft 365. They provided the users with Microsoft exchange plans until they resolved the issue.

24 hours later, Rackspace officially announced that they are dealing with a “security incident”. Regarding this, their technicians have shut down the Exchange environment to resolve the problem.

Rackspace still didn’t announce the type of security incident. A security incident is generally classified into two types. First (CVE-2022-41040), Server Server-Side Request Forgery (SSRF), is the case in which a hacker succeeds in tampering with the data on the server.

Secondly, (CVE-2022-41082), Server Remote Code Execution, is the case where the hacker can infiltrate the server and be able to run codes in it. The exact details of the incident are still not out yet. The Hosted Exchange services are still down as of 5 December 2022.