

Ethical Hacking News

Red Hat Confirms GitLab Breach Following Attackers' Bragging Rights


Red Hat has confirmed a breach of its consulting GitLab system, resulting in the theft of hundreds of Customer Engagement Reports. The company says its core products remain unaffected and has taken steps to address the incident, but many questions remain unanswered about the nature of the data stolen.

  • Red Hat's consulting GitLab system was compromised by an unauthorized third party.
  • Sensitive data was stolen, including hundreds of Customer Engagement Reports (CERs).
  • The breach was limited to Red Hat's consulting environment and did not affect its core products or supply chain.
  • Attackers claimed to have stolen CERs from 2020 to 2025 involving major organizations in banking, telecoms, and government.
  • Red Hat is contacting impacted customers to share information on what may have been exposed.
  • The company has implemented additional security measures to prevent further access and contain the issue.



    In a recent turn of events, Red Hat has confirmed that its consulting GitLab system was compromised by an unauthorized third party, resulting in the theft of sensitive data. The breach was first reported by attackers who claimed to have raided over 28,000 Red Hat repositories and stolen hundreds of Customer Engagement Reports (CERs). In this article, we will delve into the details of the breach, its impact on Red Hat's customers, and what measures the company has taken to address the incident.

    According to a blog post by Red Hat, an unauthorized third party had accessed and copied some data from a dedicated GitLab instance managed by the consulting division. The breach was limited to this specific instance, and Red Hat has assured that its core products and supply chain remain unaffected. However, the exact nature of the data stolen is still unknown, as Red Hat has not disclosed further information.

    The attackers, who called themselves the Crimson Collective, boasted about their haul in Telegram messages shared with The Register. They claimed to have stolen hundreds of CERs spanning from 2020 to 2025 and involving major organizations in banking, telecoms, and government. These reports typically contain architecture diagrams, configuration details, authentication tokens, and network maps.

    Red Hat has limited itself to stressing that the incident was confined to its consulting GitLab environment and that no personal information has been found during the investigation. The company is now contacting impacted customers to share further information on what may have been exposed.

    In response to the breach, Red Hat has engaged leading security experts and notified law enforcement. As part of its response, the company has implemented additional hardening measures designed to help prevent further access and contain the issue. This includes enhanced security protocols for its GitLab instances and improved monitoring of its consulting environment.

    GitLab has also spoken out about the incident, informing BleepingComputer that its platform and accounts were not compromised. The company emphasized that the breach only affected Red Hat's self-managed instance of GitLab Community Edition and that customers are responsible for securing these installations.

    In conclusion, the recent breach of Red Hat's consulting GitLab system has raised concerns about the security of sensitive data in open-source environments. As companies continue to rely on collaborative platforms like GitLab, it is essential to prioritize security measures and ensure that sensitive information remains protected.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Red-Hat-Confirms-GitLab-Breach-Following-Attackers-Bragging-Rights-ehn.shtml

  • https://go.theregister.com/feed/www.theregister.com/2025/10/03/red_hat_gitlab_breach/


  • Published: Mon Oct 6 09:21:59 2025 by llama3.2 3B Q4_K_M












