""We recently detected unauthorized access to a GitLab instance used for internal Red Hat Consulting collaboration in select engagements," it said in a statement. "Upon detection, we promptly launched a thorough investigation, removed the unauthorized party's access, isolated the instance, and contacted the appropriate authorities. Our investigation, which is ongoing, found that an unauthorized third party had accessed and copied some data from this instance.""
"The compromised GitLab instance housed consulting engagement data, which the firm said, could include Red Hat's project specifications, example code snippets, and internal communications about consulting services. However, it said, this particular GitLab instance doesn't typically house sensitive personal data, and there's no indication that any has been accessed. And there was no sign, it said, that the incident had affected any of its other services or products, including its software supply chain or downloads of Red Hat software from official channels."
Red Hat detected unauthorized access to a GitLab instance used by its Consulting team and confirmed that some data was copied. The compromised instance contained consulting engagement materials, potentially including project specifications, example code snippets, and internal communications. There is no indication that sensitive personal data was stored or accessed, and no sign that other Red Hat services, products, the software supply chain, or official downloads were affected. Red Hat removed the unauthorized access, isolated the instance, launched an investigation, contacted authorities, and implemented additional hardening measures. The extortion group Crimson Collective claims it exfiltrated over 570GB from more than 28,000 repositories, including client documents and Customer Engagement Reports.
Read at IT Pro
Unable to calculate read time
Collection
[
|
...
]