"This data allegedly includes approximately 800 Customer Engagement Reports (CERs), which can contain sensitive information about a customer's network and platforms. A CER is a consulting document prepared for clients that often contains infrastructure details, configuration data, authentication tokens, and other information that could be abused to breach customer networks. Red Hat confirmed that it suffered a security incident related to its consulting business, but would not verify any of the attacker's claims regarding the stolen GitLab repositories and customer CERs."
"A spokesperson for the hackers contacted DataBreaches yesterday to point this site to their account and information on the breach. As additional proof of claims, they provided this site with some additional details and what they claim is the CER for T-Mobile. DataBreaches has not yet submitted it to T-Mobile to ask them if they will verify it. The spokesperson declined to discuss details of the incident or how much they were demanding."
An extortion group calling itself the Crimson Collective claims to have stolen nearly 570GB of compressed data from roughly 28,000 internal development repositories after breaching a GitLab instance. The stolen material allegedly includes about 800 Customer Engagement Reports (CERs) that can contain infrastructure details, configuration data, authentication tokens, and other sensitive client information. Red Hat confirmed a security incident affecting its consulting business but declined to verify the attackers' specific claims about the repositories or CERs. Hackers provided a third party with alleged proof, including a purported T-Mobile CER, and have already leaked some information while claiming access to certain client infrastructure.
Read at DataBreaches.Net
Unable to calculate read time
Collection
[
|
...
]