The cybersecurity breach at enterprise software provider Red Hat has intensified after the hacking collective known as ShinyHunters joined an ongoing extortion attempt initially launched by another group called Crimson Collective.
Last week, Crimson Collective claimed responsibility for infiltrating Red Hat’s internal GitLab environment, alleging the theft of nearly 570GB of compressed data from around 28,000 repositories. The stolen files reportedly include over 800 Customer Engagement Reports (CERs), which often contain detailed insights into client systems, networks, and infrastructures.
Red Hat later confirmed that the affected system was a GitLab instance used exclusively by Red Hat Consulting for managing client engagements. The company stated that the breach did not impact its broader product or enterprise environments and that it has isolated the compromised system while continuing its investigation.
The situation escalated when the ShinyHunters group appeared to collaborate with Crimson Collective. A new listing targeting Red Hat was published on the recently launched ShinyHunters data leak portal, threatening to publicly release the stolen data if the company failed to negotiate a ransom by October 10.
As part of their extortion campaign, the attackers published samples of the stolen CERs that allegedly reference organizations such as banks, technology firms, and government agencies. However, these claims remain unverified, and Red Hat has not y
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: