On Monday, 20 February, we discovered that the application servers belonging to the labs.ripe.net production cluster were compromised over the weekend. We investigated this and found no evidence that any harm was done to the servers.
We also found no evidence that this has spread to other servers, or that the attackers gained 'root' privileges or that they have stolen or manipulated any (system or website) files.
We also have not found any evidence that any personal or confidential data was compromised. The servers in question did not contain any RIPE NCC member data. There is no action required from our members or users of our services.
We were able to quickly determine the cause of the compromise, and fixed it shortly afterwards.
It is our policy to report security incidents as soon as possible to all affected parties and provide a summary of the incident after completing the necessary investigations. The RIPE NCC and the RIPE community have a relationship built on trust, openness and transparency. Naturally we will keep a close watch on the situation and immediately report any developments.