Rackspace Technology recorded $5 million in expenses for the first nine months of this year, stemming from the December 2022 ransomware attack of the company’s Hosted Exchange business, according to a 10-Q filing with the Securities and Exchange Commission. 

The managed email solution for small- and medium-sized businesses represented about 1% of the company’s revenue and, following the attack, Rackspace discontinued the Hosted Exchange product. The company has since transitioned many of those customers to Microsoft 365. 

The expenses include costs for remediation, the investigation, legal and other professional services as well as supplemental staff resources to respond to customers.

Rackspace expects to receive $5.4 million in loss-recovery insurance, but it cautioned that the timing of insurance reimbursement may differ from the timing of the recognition of expenses. 

The attack, attributed to the Play ransomware group, disrupted email access for the company’s Hosted Exchange customers. The threat group gained access to the personal storage table of 27 of the company’s 30,000 Hosted Exchange customers.

The costs for remediating the incident may mount, as Rackspace is in the early stages of multiple lawsuits related to the attack. The company said it is vigorously defending against them in court, according to the 10-Q filing. It does not expect the cases to have a material impact on its financial position and results of operations. 

A company spokesperson said the company does not comment on litigation beyond what is included in the regulatory filings.