Page 185 - Red Hat PR REPORT - OCTOBER 2025
P. 185

10/8/25, 3:30 PM                   ShinyHunters joins Crimson Collective in coordinated extortion effort against Red Hat
        Shortly after the announcement, Red Hat appeared as a new entry on the ShinyHunters site, with a

        threat that all stolen data would be published on 10 October unless ransom negotiations commence.



        Samples released on the site purportedly include CERs belonging to high-profile clients such as

        Walmart, HSBC, the Bank of Canada, Atos Group, American Express, the US Department of

        Defense, and Société Française du Radiotéléphone (SFR).


        A post accompanying the leak accused Red Hat of failing to safeguard trade secrets and personal


        data, invoking potential violations of the General Data Protection Regulation (GDPR) and US state
        privacy laws.



        "These CERs clearly contain and include confidential business/company data (credentials, env vars,

        architecture, code, internal designs, things that would grant an unauthorised party access to your

        network), and Red Hat failed to adequately protect them, you failed to preserve the secrecy of these

        trade secrets, as it was your utmost responsibility," Scattered Lapsus$ Hunters wrote on its site.


        ShinyHunters expands extortion business





        Known for previous high-profile breaches involving Microsoft, AT&T, and

        Tokopedia, ShinyHunters has reportedly operated for years as an "Extortion-as-a-Service" (EaaS)

        group.


        A ShinyHunters representative told BleepingComputer that they typically receive 25-30% of

        extortion payments, with partner groups retaining the majority.



        The launch of the new leak portal indicates the group is now formalising its extortion network and

        openly hosting campaigns for affiliated hackers.



        Whether Red Hat will choose to negotiate, pay the ransom, or confront the attackers remains

        uncertain.


        For now, Red Hat continues to investigate the breach, monitor for further data exposure, and

        reassure its clients that it is taking comprehensive steps to mitigate risk.





      https://www.computing.co.uk/news/2025/security/shiny-hunters-crimson-collective-red-hat-extortion             3/4
   180   181   182   183   184   185   186   187   188   189   190