Redhat Security Breach

Ouch, that's embarrassing for them. The NSA must be very pleased. :cry: Glad I stuck with Alma now, but somehow I doubt I qualify as a big fish lol.
 
So a "private" GitHub repo is not so private after all. Surely a company as large as Red Hat should have hosted this themselves? They should have plenty of security experts in-house.

Wonder how this was breached? Were these files which Red Hat's customers had direct access to, not that that makes it necessarily extra weak unless everyone had the same credentials? On the other hand, if this was just Red Hat's internal storage then why wasn't it restricted to only their IPs?

Equally embarrassing that someone like the NSA lets this kind of thing out of house as I'd really expect them to have everything in-house!
 
So a "private" GitHub repo is not so private after all. Surely a company as large as Red Hat should have hosted this themselves? They should have plenty of security experts in-house.

Wonder how this was breached? Were these files which Red Hat's customers had direct access to, not that that makes it necessarily extra weak unless everyone had the same credentials? On the other hand, if this was just Red Hat's internal storage then why wasn't it restricted to only their IPs?

Equally embarrassing that someone like the NSA lets this kind of thing out of house as I'd really expect them to have everything in-house!
You'll find a lot of agencies have repos on GitHub.

Red Hat have released a statement
 
So a "private" GitHub repo is not so private after all. Surely a company as large as Red Hat should have hosted this themselves? They should have plenty of security experts in-house.
They use GitLab not GitHub.

Edit: GitLab can be self-hosted so can be completely private.
 
Glad I stuck with Alma now

You might regret that, she's always watching ;)
 
They use GitLab not GitHub.
I blame The Register!
Although others may have made the same mistake. Still don't go there often but in the days of the tech media being far too friendly to all big companies, The Register's more jaundiced articles are refreshing.
 