10/8/25, 3:31 PM                     Shiny Hunters group reportedly extorting Red Hat after stealing data | SC Media
        Shiny Hunters group reportedly extorting Red Hat after

        stealing data






        By Steve Zurier









































        (Adobe Stock)

        The recent case in which 570 gigabytes of compressed Red Hat data were exfiltrated from 28,000

        GitHub repos expanded Tuesday, as Crimson Collective and Scattered Lapsus$ Hunters reportedly
        leveraged the Shiny Hunters data leak site to apply more pressure on Red Hat.


        This incident dates back to Oct. 2, when Red Hat confirmed in a blog post it detected unauthorized

        access to a GitLab instance used for internal Red Hat Consulting activities.



        Red Hat said the compromised GitLab instance housed numerous consulting engagement reports
        (CERs), including project specifications, example code snippets, and internal communications about
        consulting services.



        “The Red Hat breach is escalating, with the notorious extortion group ShinyHunters now involved,
        threatening to leak stolen data from more than 28,000 internal repositories,” said John Carberry,

        solution sleuth at Xcape, Inc. “Security teams should immediately change any potentially compromised


      https://www.scworld.com/news/shiny-hunters-group-reportedly-extorting-red-hat-after-stealing-data             1/3