Page 191 - Red Hat PR REPORT - OCTOBER 2025
P. 191

10/8/25, 3:32 PM                Red Hat leak escalates: ShinyHunters demands money after GitLab breach - Techzine Global
        described their collaboration as a new alliance aimed at disrupting large companies.

        Red Hat is now listed on the ShinyHunters website. The listing warns that the stolen data will be published on October
        10 if the company does not enter into negotiations. According to the hackers, the sample files released include reports
        from Walmart, HSBC, the Bank of Canada, Atos Group, American Express, the US Department of Defense, and
        French telecom company SFR. Red Hat has confirmed to BleepingComputer that the attack is related to a GitLab
        environment used exclusively by the consulting division, but the company has not yet publicly responded to the new
        extortion threat.

        No breach of GitLab infrastructure


        Red Hat has since shared an update on the incident, as reported by Techzine. According to the company, immediate
        action was taken upon discovery of the breach. This resulted in the attacker losing access. The affected GitLab
        instance was isolated and the authorities were notified. The investigation into the circumstances is still ongoing.
        GitLab emphasizes that there was no breach of its infrastructure. The incident only affects Red Hat’s self-managed
        version of GitLab Community Edition. Customers running this free version are responsible for security, updates, and
        access management.

        ShinyHunters’ involvement fits into a broader pattern of what security researchers describe as “extortion-as-a-
        service.” In this model, a group offers its infrastructure and reputation to other criminals in exchange for a share of the
        proceeds, much like ransomware groups do. ShinyHunters claims to receive about a quarter of the ransom, with the
        rest going to the hackers who carry out the attacks.

        In addition to Red Hat, financial services provider SP Global has also been named as a victim on the ShinyHunters
        platform. The company has not commented on the allegations, but emphasizes that as a publicly traded company, it is
        required to disclose significant cyber incidents.
















































      https://www.techzine.eu/news/security/135213/red-hat-leak-escalates-shinyhunters-demands-money-after-gitlab-breach/  2/2
   186   187   188   189   190   191   192   193   194   195   196