Page 222 - Red Hat PR REPORT - OCTOBER 2025
10/8/25, 3:34 PM
Red Hat Data Leak: Hackers Threaten to Release Terabytes of Data if Ransom is Not Paid by October 10
By: Viktor Tsyrfa | yesterday, 21:56
Red Hat Logo. Source: bleepingcomputer.com
A cyber attack on Red Hat, an IBM subsidiary, has taken a new turn: the notorious hacking group ShinyHunters has joined in demanding a ransom for stolen data. The incident, initially attributed to the group UNC5174 (also known as Salt Typhoon), now threatens the leak of sensitive client information and internal company data.
Timeline of Events
In August 2024, Red Hat discovered unauthorized access to part of its internal infrastructure. Hackers associated with the Chinese group UNC5174 breached the system through vulnerabilities in servers used for development and testing. According to Red Hat's estimates, approximately 4 TB of data was stolen, including internal tools and code for Red Hat Enterprise Linux (RHEL) and OpenShift; client contact information, license keys, and subscription details (about 3 million records); and intellectual property documents, including source code and configurations.
On October 4, 2024, the hacking group ShinyHunters, known for a series of successful attacks on companies like MGM Resorts and AT&T, announced on the specialized resource BreachForums their 'collaboration' with UNC5174. They claim to have accessed part of the stolen data and are now demanding a ransom. The initial price is $5 million for the full data set. ShinyHunters published samples (over 500 GB) to confirm authenticity, including files with RHEL 8/9 code and client databases. If the ransom is not paid by October 10, the data will be released or sold to competitors.
Response from Red Hat and IBM
The company stated that the leak did not affect products or client systems, and that the RPM package signing keys remained intact. They also reported that they are conducting an internal investigation and cooperating with law enforcement. Clients are advised to check their systems for vulnerabilities and update passwords.
Red Hat is involved in the release of two major Linux distributions: Red Hat and Fedora. While Fedora is completely free software for anyone, Red Hat is a distribution for corporate clients. The company's business is based on paid support for those clients. Because corporate clients are of interest to hackers, the information Red Hat holds about them is the most valuable data to hunt for. It is hardly sensible to pay ransom to extortionists: there is no doubt that if the data stolen from Red Hat could help penetrate the corporate network of any of its large clients, hackers would not miss that opportunity.
https://gagadget.com/en/677830-red-hat-data-leak-hackers-threaten-to-release-terabytes-of-data-if-ransom-is-not-paid-by-october-10/

