Rackspace Details

    Organization Logo

    Rackspace

    San Antonio, Texas6700 employees • Technology

    https://www.rackspace.com
    United States

    Industry

    Technology

    Security Incidents

    1

    Rackspace Technology, Inc. is a managed cloud computing company based in Windcrest, Texas, a suburb of San Antonio. Founded in 1998, Rackspace offers a range of services including multi-cloud computing, infrastructure, cloud management, cloud security, and data management services. The company's primary function is to help businesses of various sizes optimize their cloud operations, leveraging platforms like AWS, Google Cloud, Microsoft Azure, and others.

    Over the years, Rackspace has achieved a number of milestones. In 2006, the company launched its cloud computing services, and by 2008, it ...
    Show more

    Security Incidents

    Rackspace Breach of Oct 2024
    Severity Score
    Moderate to Significant

    Type

    Zero-Day Exploit

    Summary

    On September 24, 2024, Rackspace discovered a breach in its internal monitoring environment, caused by exploiting a zero-day vulnerability in a third-party utility bundled with ScienceLogic's SL1 software. This resulted in unauthorized access to three internal web servers used for performance monitoring. The attackers obtained limited customer information, including customer account names, numbers, usernames, device IDs, device names and IP addresses, and AES256 encrypted internal device agent credentials.

    Rackspace took immediate action by isolating the affected servers and briefly taking th...
    Show more

    Severity

    The recent cybersecurity incident at Rackspace involved the exploitation of a zero-day vulnerability within a third-party utility bundled with the ScienceLogic SL1 monitoring application. Intruders leveraged this exploit to gain access to three internal Rackspace monitoring web servers, retrieving limited customer information, which included account details, usernames, device IDs, and IP addresses, all of which were encrypted. Rackspace's core monitoring and alerting services continued uninterrupted, and the affected customer data was considered low sensitivity.

    Given that the breach resulted...
    Show more

    Impact

    Rackspace experienced a data breach due to the exploitation of a zero-day vulnerability in a third-party utility bundled with the ScienceLogic SL1 monitoring platform. The incident was discovered on September 24, 2024, and involved unauthorized access to three internal Rackspace monitoring web servers. Intruders managed to obtain limited customer monitoring data, including account names and numbers, usernames, device IDs and IP addresses, device names and information, and AES256 encrypted internal device agent credentials.

    Although the breach resulted in sensitive information being exposed, ...
    Show more

    KEEP YOUR ENVIRONMENT SECURE

    Weak credentials are the leading cause of breaches. Beyond Identity can help.

    See MFA exploits in action
    Watch how adversaries exploit companies in quick videos