Re: Hack against third-party interface
Or poor network segregation, weak controls of admin accounts and working practices, unhardedened systems on the same desktop network as Reception being used for administration of production systems, poort staff awareness,.. tons and tons of stuff that could have lead to the attackers getting access to the switch.
As you say, I doubt it was itself directly "on the internet".