Red Hat Confirms Consulting Arm's GitLab Instance Breached

28,000 Customers, Including Banks and US Government Agencies, Appear to Be Affected Mathew J. Schwartz (euroinfosec) • October 3, 2025

Commercial Linux distribution producer Red Hat is warning that attackers stole customer data from its consulting arm.

See Also: Why Cyberattackers Love 'Living Off the Land'

"We recently detected unauthorized access to a GitLab instance used for internal Red Hat Consulting collaboration in select engagements," Red Hat said in a Thursday alert about a "security incident."

Red Hat said the breach didn't appear to compromise anything pertaining to its products, supply chain or other services. "We have now implemented additional hardening measures designed to help prevent further access and contain the issue," it said.

IBM acquired Red Hat in 2019 for $34 billion, which was then the largest software acquisition in history.

The security incident came to light Wednesday when a group calling itself "Crimson Collective ...