Rackspace's costs to deal with ransomware attack top $10 million

Rackspace's costs to deal with ransomware attack top $10 million
Eric Killelea
,
Staff Writer
Aug. 25, 2023
Updated: Aug. 27, 2023 3:09 p.m.
Comments
Rackspace Technology Inc. incurred costs to “investigate and remediate, legal and other professional services, and supplemental staff resources” in response to a ransomware attack, according to a regulatory filing.
Rackspace Technology Inc. incurred costs to “investigate and remediate, legal and other professional services, and supplemental staff resources” in response to a ransomware attack, according to a regulatory filing.

Marvin Pfeiffer
Rackspace Technology Inc. spent $10.8 million on expenses related to a ransomware attack in December that blocked thousands of customers from accessing their emails and related data, according to regulatory filings.

The San Antonio-based cloud computing company incurred costs, such as engaging a global cybersecurity firm, to “investigate and remediate, legal and other professional services, and supplemental staff resources that were deployed to provide support to customers,” according to a filing with the U.S. Securities and Exchange Commission.

RELATED: Rackspace posts another quarterly loss but touts ‘signs of progress’

The company — which has been facing legal claims by customers in San Antonio, Los Angeles and New York over the attack — said in filings that it “expects to continue to incur legal and other professional services costs in future periods.” Although it doesn’t expect any legal claims to have a “material adverse effect” on its consolidated financial position or results of operations, it’s unable “to determine the probability of the outcome of these matters or a range of reasonably expected losses.”

It also expects “a significant portion of the incremental costs” related to the attack to be covered by cybersecurity insurance.

Rackspace got a favorable court ruling in May, when a judge said the company won’t have to face proposed class-action litigation in San Antonio over the ransomware attack. U.S. District Judge Xavier Rodriguez dismissed litigation that had been brought by 37 plaintiffs from across the U.S. who lost access to email and related data as a result of the attack.

In December, Rackspace identified the ransomware attacker as a group called Play, saying the group used a new method to penetrate the company’s hosted Microsoft Exchange network. An internal investigation concluded that Play used a Rackspace customer’s credentials for an email account to gain access to a company server on Nov. 29, three days before launching the ransomware attack.

Amid falling stock prices, Rackspace in September 2022 determined that its Multicloud Services reporting unit “exceeded its fair value” and recorded an impairment of goodwill of $405 million during third quarter 2022, the SEC filings said.

About two months later, after the ransomware attack on Rackspace, the company’s market capitalization dropped, and it performed another assessment. In late December, it determined the Apps and Cross Platform reporting unit also “exceeded its fair value” and recorded impairment of goodwill of $129 million during fourth quarter 2022.

DAMAGE CONTROL: Rackspace criticized by customers, experts for its PR response to ransomware attack

“The impairment was driven by a decrease in forecasted revenues, margins, and cash flows within the reporting unit primarily due to the Hosted Exchange incident and other macroeconomic factors,” the company said in an SEC filing. “The Multicloud Services reporting unit was determined to have a fair value that exceeded its carrying value by approximately 1% and therefore no impairment was recognized.”

Also in that quarter, the company determined its OpenStack Public Cloud didn’t meet the cut and recorded a goodwill impairment charge of $52 million, citing “deteriorating forecasted margins and cash flows within the reporting unit primarily due to operating costs declining at a slower rate than previously anticipated.”

Rackspace’s stock, which had been declining since April 2021 when it traded for more than $25 per share, has risen slightly since it dipped even further after the ransomware attack. At market close on Friday, the stock was trading at $2.39 per share, down 53.5 percent year over year, though up from a 52-week low of $1.05 in May.

Although the company has continued to post quarterly losses after after realigning the company into separate public cloud and private cloud business units in January, it expressed optimism after releasing its second-quarter results.

RELATED: Rackspace wading into generative AI as it looks for a way to “turn this company around”

“I’m confident we have the right operating structure, people and capabilities to achieve this turnaround,” CEO Amar Maletira said after Rackspace’s second-quarter financial results were reported on Aug. 8. “The progress achieved to date has been meaningful as a focus on long-term sustained profitable growth.”

Meanwhile, the company has since launched an initiative involving artificial intelligence, its Foundry for Generative AI by Rackspace, which involves using an AI-powered chatbot that Rackspace developed this year to help global customers build their own such apps on platforms such as Amazon Web Services, Microsoft Azure and Google Cloud.