Rackspace 2022 Data Breach Caused ‘Devastating Disruption’ to Customers’ Businesses, Class Action Says

New to ClassAction.org? Read our Newswire Disclaimer

Rackspace Technology, Inc faces a proposed class action over a December 2022 data breach that exposed sensitive customer data to cybercriminals and disrupted the business operations of clients who rely on the company’s cloud computing services.

The 54-page lawsuit was filed in Texas by Q Industries, an air compressor manufacturer that uses Rackspace’s network to host its email and cloud computing services. The case claims that unauthorized parties infiltrated Rackspace’s servers on December 2 of this year due to the cloud computing company’s failure to implement adequate cybersecurity measures.

Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.

Per the complaint, the unauthorized actor responsible for the breach has rendered Rackspace’s network inaccessible by installing ransomware, a form of malicious software that copies and encrypts the contents of a server. As a result, Q Industries has experienced a “shocking and devastating disruption to their business” since the company can no longer access its email account, its primary sales vehicle, the filing explains.

The suit says that Q Industries is also unable to access important proprietary information stored on Rackspace cloud servers, or other core business functions like its messaging and calendaring features.

According to Rackspace, Q Industries and other affected companies will remain locked out of its services for at least another 16 weeks, the case relays. Although Rackspace has offered impacted customers free access to Microsoft Exchange Plan 1 licenses on Microsoft 365 for the time being, the service does not restore access to companies’ proprietary data stored on Rackspace’s networks, the filing contends.

The suit alleges that the incident has compromised highly sensitive and confidential customer data, including business-related correspondence, technical plans, software products and proprietary information. The complaint further charges that Rackspace’s negligence has put its customers at long-lasting risk of identity theft or fraud since cybercriminals have also gained access to their private information.

“Moreover, there has been no assurance offered from Rackspace that the compromised Private Information has been recovered or destroyed,” the case reads.

The filing explains that two of the plaintiffs, John Moser and Dana Moser Wilkinson, president and COO of Q Industries, respectively, obtained Rackspace’s services based on its claims of “reliability, quality, and data protection.” Indeed, Rackspace promises its clients “the highest levels of data protection” since it knows that data disruptions “can slow down your business and adversely impact customer experiences,” the complaint relays.

Rackspace’s data security measures were “woefully inadequate” given that the company failed to adopt “basic, common-sense” procedures recommended by the United States government and the Microsoft Threat Protection Intelligence Team designed to prevent data breaches, the lawsuit argues. The case also asserts that the company did not comply with Federal Trade Commission guidelines for data security.

Had they known that Rackspace did not maintain proper data security practices to safeguard their private information from theft, the plaintiffs would not have employed Rackspace to provide vital business cloud services, the filing says.

“Plaintiffs and Class members staked their own reputation on Rackspace’s reputation,” the lawsuit states. “Now, without access to their email and proprietary data, Plaintiffs and Class members would appear to their own customers and clients to be unreliable, untrustworthy, or incompetent, when this is simply not the case.”

The lawsuit looks to represent anyone, including business entities, whose private information became inaccessible and/or was viewed by unauthorized third parties as a result of the Rackspace data breach discovered on or about December 3, 2022.

Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.