Rackspace Ransomware Costs Soar to Nearly $12m | DCN

Financial disclosures filed over the past year show that Rackspace Technology has continued to rack up expenses and losses following last year’s December ransomware attack on one of its hosted Microsoft Exchange servers. So far, the incident costs have soared well into eight figures.

Rackspace is a Texas-based, cloud computing services provider, largely for small and midsize businesses (SMBs), and declined to comment for this story on its financial statements. On December 2, 2022, a ransomware attack disrupted email services for thousands of its SMB customers by way of the ProxyLogOn zero-day vulnerability (CVE-2021-26855), which it had not patched due to operational concerns with the update.

Related: Rethinking Physical Data Center Security in the Digital Age

By March of this year, Rackspace ransomware-related expenses reached $3.2 million, including remediation costs, legal fees, and other professional services, according to its 10-Q report. A subsequent 10-Q filing with the Securities and Exchange Commission (SEC) reported that first-quarter expenses related to the cybersecurity incident were $1.7 million, and the second quarter’s amounted to $4.9 million, putting the new total for expenses for recovery at $6.6 million.

Fast-forward to Rackspace Technology’s most recent 10-Q, and the company has added another $5 million to the tally, with the caveat that the company expects a cyber insurance payout of $5.4 million. But even with a full insurance check, Rackspace is still out at least $6 million in bills related to this single ransomware attack, according to its disclosures.

Related: Cloud Trends and Cybersecurity Challenges: Navigating the Future

Beyond expenses, in an August financial disclosure, Rackspace reported that it had already incurred losses of more than $10.8 million related to the ransomware incident, and that it is named in multiple lawsuits following the compromise.

For a company as large as Rackspace, the costs of weathering this cyberattack are a tiny fraction of its overall business. According to its financials, despite the ransomware cyber incident there was still enough money in the company coffers to fund a total of $222 million in stock buy-backs through July of this year using a $77 million cash on hand.

Other companies victimized by ransomware attacks might not be as financially well positioned to weather the long-tail fallout.