A significant data breach has unfolded at Red Hat, involving the criminal group ‘Crimson Collective,’ which claims to have exfiltrated approximately 570 GB of data from a GitLab instance utilized by Red Hat’s consulting division. This breach reportedly includes tens of thousands of internal repositories and sensitive Customer Engagement Reports, prompting an extortion campaign in collaboration with a group linked to Scattered Lapsus$/ShinyHunters. Red Hat has confirmed the incident, initiating an investigation and isolating the affected environment while urging customers with self-managed instances to enhance their security. This breach underscores the growing threat of cybercrime to sensitive corporate data and highlights the necessity for robust cybersecurity measures in safeguarding intellectual property and customer information.