October 1, 2024 at 03:35PM
Rackspace experienced a data breach due to a zero-day vulnerability in ScienceLogic’s third-party tool. ScienceLogic promptly developed a patch and distributed it to impacted customers. The breach exposed limited customer monitoring data, leading Rackspace to rotate credentials and inform customers. The impact on customers and potential exploitation attempts remains unknown.
Based on the meeting notes, the key takeaways are:
– Rackspace suffered a data breach due to a zero-day vulnerability in a third-party tool used by the ScienceLogic SL1 platform.
– ScienceLogic quickly developed a patch to address the risk and distributed it to all impacted customers, providing assistance where needed.
– Rackspace’s SL1 solution was hacked via the zero-day, leading to the theft of limited customer monitoring data, including customer account names and numbers, usernames, device information, and IP addresses.
– Rackspace rotated affected credentials as a precaution and informed customers that no further action was needed to protect from the malicious activity.
– The breach could potentially expose IP addresses and lead to DDoS attacks or further exploitation attempts.
– The number of impacted customers is currently unknown.
– Rackspace did not respond to further questions from BleepingComputer.