Dear colleagues, We recently announced that RIPE NCC Access, our single sign-on (SSO) service, had been targeted by a "credential-stuffing" attack. Our investigation has since identified five SSO accounts that we believe were breached. Only one of these accounts is associated with an LIR, but this is inactive and does not hold any IP resources. We have locked all five SSO accounts and notified the account holders.
Many of you also suggested potential security improvements. These will be included in a detailed review of RIPE NCC Access. Finally, please help us to keep your accounts secure by enabling two-step verification for your RIPE NCC Access account. You can find instructions on enabling two-step verification at: https://www.ripe.net/participate/member-support/ripe-ncc-access/two-step-verification In case of any suspicious activity on your account, report it to <[email protected]>. Regards, Ivo Dijkhuis Senior Information Security Officer, RIPE NCC
