Overview

• Red Hat says an unauthorized party accessed and copied data from a GitLab instance used by its consulting team, after which access was removed and the system isolated.
• The company reports no indications of impact to other services or products and expresses high confidence in its software supply chain, with no sensitive personal data identified so far.
• A group calling itself Crimson Collective claims it stole about 570GB from roughly 28,000 repositories, including around 800 Customer Engagement Reports that can include credentials and network details.
• The attackers published file listings and samples and assert they used exposed tokens to access some customer infrastructure, a claim not independently verified.
• Belgium’s national cybersecurity authority issued a high‑risk advisory urging organizations to rotate credentials and review integrations associated with Red Hat Consulting.