10/8/25, 3:34 PM                     Red Hat Breach Impacts 5,000+ High-Value Enterprise Customers, Data at Risk







































        Screenshots


        On September 13, 2025, the compromise date listed by the group, Crimson Collective began leaking proof via a
        portal styled with hallmark LAPSUS$ traits intentional typos, casual racism in HTML comments, jokes, and

        even Pokémon tunes embedded in the page.



        The initial leak included a file tree showing 370,852 directories and 3,438,976 files. Sample Consultancy
        Engagement Reports (CERs) for seven organizations AIR, AMEX_GBT, Atos_Group (NHS Scotland), BOC,
        HSBC, and Walmart were published to demonstrate legitimacy.



        A subsequent release delivered a 2.2 GB ZIP containing an “unprecedented” file tree of over 32 million files.



        Analysis of the directory structure suggests more than 5,000 enterprise customers are impacted, spanning

        consultancy reports, proprietary code, and various internal assets.



        Sensitive items such as .pfx private certificates for ING Bank and Delta Airlines were among the leaked files, a
        clear indicator of high risk exposure. Enterprises should assume that all stolen data may become public.



        Impacted organizations must urgently contact Red Hat Consulting support to obtain the list of stolen files.



        They should immediately rotate certificates and credentials, review security configurations, and apply

        comprehensive remediation plans.
      https://gbhackers.com/red-hat-breach-impacts-5000-customers-data-at-risk/                                     5/6