More than a week after a ransomware attack sparked the shutdown of servers at cloud and email-hosting provider Rackspace Technology, questions are still rising and its customer base is growing frustrated.
The big picture: Experts tell Axios that corporate ransomware victims face a tough dilemma: Sharing too much info risks it being weaponized in lawsuits or ruining negotiations with attackers. Not sharing enough could lead to customer outrage or even a mass exodus. Server Rack Lights
Driving the news: Over the weekend, Rackspace released more details about how it's responding to a Dec. 2 attack that prompted the shutdown of its Hosted Exchange servers, leaving thousands of small to medium-sized businesses without access to their email inboxes.
Why it matters: How a company responds to an ongoing security event can have a serious impact on their short-term business and any litigation outcome or regulatory reviews that come from the incident.
Flashback: Since Rackspace's incident, customers have been swarming social media to complain about what they describe as a lack of communication and transparency in the early days of the company's response.
Usually when a customer base is upset, that means something was missing in the communications strategy, Ensign said.
The intrigue: Rackspace chief product officer Josh Prewitt told Axios on Monday that part of the reason the company's communications haven't been able to answer all customer questions is that his team wants to make sure all information is accurate.
Details: Rackspace officials did answer a few lingering customer questions:
Between the lines: The ransomware attack at Rackspace serves as a good reminder that companies need to always be revisiting incident response plans before a cyberattack happens, experts tell Axios.
What's next: Rackspace is working on releasing so-called "indicators of compromise," along with a blog detailing how the breach happened.
Buy Server Rack Sign up for Axios’ cybersecurity newsletter Codebook here.