A hacker group claims to have breached leading enterprise open source software vendor Red Hat and is threatening to release hundreds of gigabytes of stolen information if the company does not pay a ransom.
In a Dark Web post, a group calling itself the Crimson Collective claimed to have stolen data from more than 28,000 Red Hat code repositories, including access tokens and customer engagement reports that contain network audits. “It’s a 570 GB ticking time bomb of your failures,” the hackers boasted.
Red Hat, whose customers include government agencies, critical infrastructure operators and major corporations, admitted on Oct. 2 that it “recently detected unauthorized access” to one of its self-hosted GitLab instances “used for internal Red Hat Consulting collaboration in select engagements.”
In its blog post, Red Hat said the compromised system “housed consulting engagement data, which may include, for example, Red Hat’s project specifications, example code snippets, internal communications about consulting services, and limited forms of business contact information.”
The attack did not target GitLab’s own infrastructure, and a GitLab spokesperson said its systems remained secure.
The stolen data consists of nearly 3.5 million files and includes sensitive reports on the computer networks of Walmart, American Express, HSBC and many other companies, according to security researchers.
New hacker partnership
Crimson Collective told Dark Reading that it is an “extortion ransomware group that basically works for profit only.” There is evidence that the group has ties to the notorious Lapsus$ cybercrime gang. The Crimson Collective recently told researchers that it planned to collaborate with Lapsus$ “for future stuff to come.”
The hackers gave Red Hat until Oct. 10 to negotiate a ransom payment, but the group has said that the company is ignoring its outreach. On Monday, the hackers posted a large archive file allegedly containing some of the data.
Editor’s note: This story has been updated with a statement from GitLab.
