A weak password has been blamed after an outage at Orange Spain disrupted close to half of its network traffic earlier this week.
The outage, which lasted around three hours on January 3, was caused when a hacker manipulated crucial information about the company’s Internet infrastructure.
Orange confirmed its RIPE account had been breached by an attacker on Wednesday, using "infostealer" malware.
As reported by the Bleeping Computer, the hacker breached the RIPE account to misconfigure BGP (Border Gateway Protocol) routing and an RPKI configuration.
RIPE is the regional database that contains all IP addresses and their owners in Europe, the Middle East, and Central Asia.
An individual operating under the alias of "Snow" claimed responsibility for the attack.
The attacker shared images of their administrative account access, prompting Orange España to respond to the post on X, formerly known as Twitter.
"The Orange account in the IP network coordination center (RIPE) has suffered improper access that has affected the browsing of some of our customers. Service is practically restored," said Orange in a statement.
"We confirm that in no case is the data of our clients compromised, it has only affected the navigation of some services."
Orange has not revealed the exact details of how its account had been hacked.
However, Snow explained on social media that they were able to breach the account with the password "ripeadmin", noting that 2FA (two-factor authentication) and "SE" were not in use.
When asked why they breached the account, Snow said they did it for some "lulz."
RIPE has separately revealed that it is investigating the incident.
"We have restored access to the legitimate account holder and are working closely with them to ensure the integrity of the account," said RIPE in a statement.