Hello Gert,
On 2 Jul 2024, at 14:50, Gert Doering via db-wg <db-wg@ripe.net> wrote:
Hi,
On Tue, Jul 02, 2024 at 09:44:33AM +0200, Miguel Mosquera via db-wg wrote:
On one hand, we have deployed features to mitigate issues related to making updates with multiple references (#1486). This prevents the creation of an RPSL with a lot of references. We are continuing to investigate ways to further improve this process.
Has there been some insight on *why* the original change has been attempted? Has this been a breach of account, or a sort-of reasonable explanation by the SSO user?
I can't speculate on why it was attempted, but this is being investigated separately by the RIPE NCC. The updates referenced every maintainer in the database, which caused the spike in mail notifications and delays to other updates. There has been no data leak or security breach as a result of this incident. The DB team are focused on mitigating the operational impact of these updates. As Miguel said, we will publish a full post-mortem once we are confident the vulnerabilities have been addressed. Regards Ed Shryane RIPE NCC