10/8/25, 3:33 PM                           Red Hat data breach escalates as ShinyHunters joins extortion
        "On the 4th April 1949 was created the so big called NATO, but what if today's new alliance
        was bigger than that ? But for a greater purpose, ruining corporations mind," reads a post
        to the hacking group's Telegram channel.


        "What if, Crimson's shininess extends even further away ?"


























                                          Crimson Collective's Telegram post
                                                Source: BleepingComputer

        "Regarding the current announcement regarding us, we are going to collaborate with

        ShinyHunter's for the future attacks and releases," the Crimson Collective threat actors told
        BleepingComputer.


        In coordination with the announcement, a Red Hat entry has now appeared on a new
        ShinyHunters data leak extortion site, warning the company that data would be publicly
        leaked on October 10th if a ransom demand was not negotiated with ShinyHunters.


        In addition, the threat actors released samples of the stolen CERs, including those
        for Walmart, HSBC, Bank of Canada, Atos Group, American Express, Department of

        Defence, and Société Française du Radiotéléphone.


        BleepingComputer contacted Red Hat about this development but did not receive a
        response.



        The ShinyHunters Extortion-as-a-Service



        For months, BleepingComputer has speculated that ShinyHunters was acting as an
        extortion-as-a-service (EaaS), where they work with threat actors to extort a company in

        exchange for a share of the extortion demand, similar to how ransomware-as-a-service
        gangs operate.




      https://www.bleepingcomputer.com/news/security/red-hat-data-breach-escalates-as-shinyhunters-joins-extortion/  3/5