Red Hat fesses up to GitLab breach after attackers brag
Briefly

"What started as cyber crew bragging has now been confirmed by Red Hat: someone gained access to its consulting GitLab system and walked away with data. The IBM-owned open source giant said in a blog post on Thursday that "an unauthorized third party had accessed and copied some data from a Red Hat Consulting-managed, dedicated GitLab instance." That wording aligns with boasts made earlier this week by a group calling itself the Crimson Collective, which claimed to have raided some 28,000 Red Hat repositories."
"Red Hat also confirmed that it has "engaged leading security experts" and notified law enforcement - standard fare for any corporate breach disclosure. Beyond that, it's keeping schtum. There's no word on whether customers' materials were involved, whether client-specific repositories were exposed, or how exactly the intruders gained access. That leaves plenty of unanswered questions. Consulting environments often contain more than just toy projects: documentation, integration scripts, and client configs can all end up in repos, and those can provide useful intelligence for future attacks."
An unauthorized third party accessed and copied data from a Red Hat Consulting-managed GitLab instance. A threat group called the Crimson Collective claims to have raided about 28,000 repositories and to have stolen hundreds of Customer Engagement Reports containing architecture diagrams, configuration details, authentication tokens, and network maps. Red Hat restricted the incident to the consulting GitLab environment, engaged leading security experts, and notified law enforcement. Red Hat did not disclose which data or which customers were affected. Consulting repositories often include documentation, integration scripts, and client configurations that can provide valuable intelligence for follow-on attacks. The attackers claim the haul spans 2020-2025 and involves major organizations across sectors.
Read at The Register