Red Hat Confirms Major Security Breach Affecting High-Profile Organizations
Red Hat has confirmed a security breach involving one of its GitLab instances, impacting several high-profile organizations. The incident, which occurred about two weeks ago, saw unauthorized access to data, including confidential Customer Engagement Reports (CERs).
Red Hat Consulting's GitLab instance was targeted, not GitHub. The hacker group ThreatCon Alpha is suspected. They allegedly gained access using stolen authentication tokens and other private information. Around 28,000 repositories and approximately 570 GB of data, including about 800 CERs, were compromised.
The breach has affected several notable organizations, including Bank of America, T-Mobile, AT&T, Fidelity, Kaiser, Mayo Clinic, Walmart, Costco, the Naval Surface Warfare Center, the Federal Aviation Administration, and the U.S. House of Representatives. CERs often contain sensitive information about customer platforms and networks.
Red Hat has assured that other Red Hat products and the software supply chain remain unaffected. They have also implemented additional security measures to prevent further access and contain the issue.
The breach, which occurred in October 2025, has raised concerns about the security of sensitive data. Organizations affected are urged to review their systems and take necessary precautions. Red Hat continues to investigate the incident and will provide updates as needed.
Read also:
- Small Business Owners Sound Alarm on Tariff Challenges
- THW Marks 75 Years of Saving Lives at Home and Abroad
- Kazakhstan's National Bank Boosts Currency Sales to $1.4 Trillion in Q4
- Federal petition from CEI seeking federal intervention against state climate disclosure laws, alleging these laws negatively impact interstate commerce and surpass constitutional boundaries.
