The Red Hat data breach is worse than first thought

The situation regarding Red Hat’s recent data breach is worsening – both for the company and for its customers. With GitLab instances belonging to the company having been breached by the Crimson Collective, hundreds of gigabytes of data were stolen.

Now the data breach has transformed into a demand for ransom – perhaps predictably. Interestingly, though, the extortion is not being perpetrated by the Crimson Collective, but by ShinyHunters.

As reported by Bleeping Computer, ShinyHunters have now contacted Red Hat and has leaked limited samples of stolen customer engagement reports. The data breach is now much more complicated than anyone first thought. While Crimson Collective carried out the initial theft, the Scattered Lapsus$ Hunters group is now said to have become involved.

More than this, Crimson Collective has issued a statement saying:

Regarding the current announcement regarding us, we are going to collaborate with ShinyHunter's for the future attacks and releases.

So now it would appear that at least three group of threat actors are working in collaboration, presumably each playing to their own individual strengths.

As Bleeping Computer says, it is not just Red Hat that has been targeted. The leaked samples of data also includes data relating to Walmart, HSBC, Bank of Canada, Atos Group, American Express, Department of Defence, and Société Française du Radiotéléphone.

Image credit: mrsiraphol / depositphotos.com