What is Rackspace?
Rackspace Technologies is a tech company that provides cloud-based servers, data storage and data backup services.
What Happened?
On December 2, 2022, at 2:49 a.m. EST, Rackspace posted a message stating that customers that used their hosted exchange email servers did not have email access. The Hosted Exchange services include mailboxes (up to 100GB), Microsoft Outlook, Outlook Web Access, mobile device synchronization, anti-spam and anti-virus protection.
On 12/6, Rackspace indicated that they suffered a ransomware attack.
Rackspace has not yet indicated when email service will be restored to their clients. In the meantime, email accounts and domains are being migrated to Microsoft 365. This temporary solution only provides access to new emails. Clients currently have no access to existing emails.
Rackspace has not reported the number of impacted customers. It has been speculated that the number of small and medium sized customers may be in the thousands.
Why is this Important?
In the old days, Microsoft Outlook and Office programs were installed on your company’s server. Email Exchange Servers were also physically located within your company. All emails, email attachments, documents, and spreadsheets were also stored on the server or on your desktop. Today, companies like Rackspace and Microsoft provide these applications with data storage in the cloud.
The Rackspace incident provides a sobering example that cloud applications and cloud stored data are not as safe as you think. Rackspace customers lost the ability to receive and send emails. According to news reports, many customers have email after Rackspace moved them over to Microsoft 365. But there is an ongoing concern of archived email data loss once email service is restored. Think about the impact to your organization and your job tasks if you lost the ability to send and receive emails, plus access to all of your old emails, both sent and received. My guess is that you will come to the same conclusion as me – the impact would be significant if not catastrophic.
Impact?
Loss of email typically means lost revenue. What is your organization’s tolerance to downtime? In other words, how long can you go without email? These are questions that need to be posed to each department. The loss of access to the EHR is the #1 issue, but that can be handled by going old school with paper documentation. The impact on other departments must be reviewed in detail.
Let’s start with the business office. Is there enough cash if billing Medicare, Medicare Advantage, Medicaid and private pay stops or takes longer than normal? What about follow-up of unpaid claims? Referrals? Communication with referring hospitals is typically handled by email. How do you review payor eligibility? How will you recruit staff for open positions without receiving email notifications from recruiting websites? Background checks and review of exclusion lists? The list goes on and on.
All of us are heavily dependent on emails to do our daily tasks. The temporary loss of being able to send or receive emails for a week or two is tolerable, but the tipping point may well be the possible loss of old emails and attachments.
What to do?
I reached out to Scott Wolff, President and Director of IT Operations at LanServ, Inc., a managed service provider (MSP) in St. Louis, and asked him: What do companies need to do to limit their email downtime and prevent the loss of archived (old) emails and attachments? Here is a list of recommendations from Scott W: