Red Hat fesses up to GitLab breach after attackers brag of data theft

What started as cyber crew bragging has now been confirmed by Red Hat: someone gained access to its consulting GitLab system and walked away with data.

The IBM-owned open source giant said in a blog post on Thursday that "an unauthorized third party had accessed and copied some data from a Red Hat Consulting-managed, dedicated GitLab instance."

That wording aligns with boasts made earlier this week by a group calling itself the Crimson Collective, which claimed to have raided some 28,000 Red Hat repositories. In Telegram messages seen by The Register, the group claims to have stolen hundreds of Customer Engagement Reports, which typically contain architecture diagrams, configuration details, authentication tokens, and network maps.

Red Hat isn't saying what kind of data was taken, or whose it was. It has limited itself to stressing that the incident was confined to the consulting GitLab environment.

Red Hat also confirmed ...