Slashdot: Red Hat Investigating Breach Impacting as Many as 28,000 Customers, Including the Navy and Congress

Oct 2, 2025

—

Source URL: https://linux.slashdot.org/story/25/10/02/1538229/red-hat-investigating-breach-impacting-as-many-as-28000-customers-including-the-navy-and-congress?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Title: Red Hat Investigating Breach Impacting as Many as 28,000 Customers, Including the Navy and Congress

Feedly Summary:

AI Summary and Description: Yes

**Summary:** A significant security incident has occurred involving a hacking group that compromised a GitLab instance linked to Red Hat’s consulting business, resulting in the unauthorized extraction of 570 GB of data from approximately 28,000 customers. Major clients affected include governmental and large corporations, highlighting potential vulnerabilities in data security management.

**Detailed Description:** This incident underscores serious concerns regarding data security in cloud and infrastructure environments, particularly those that involve consulting services tied to publicly traded and government entities. Key points from the incident include:

– **Data Breach Scope:** The hackers obtained 570 GB of compressed data, reportedly impacting about 28,000 customers. This extensive data may include sensitive information.
– **Affected Entities:** High-profile customers include:
– Vodafone
– T-Mobile
– U.S. Navy’s Naval Surface Warfare Center
– Federal Aviation Administration (FAA)
– Bank of America
– AT&T
– U.S. House of Representatives
– Walmart
– **Corporate Response:** Red Hat has acknowledged the breach and stated that they are taking necessary remediation steps to address the security incident.
– **Implications for Security:** The breach raises questions about security practices in cloud computing and third-party service management, especially concerning client data protection. It emphasizes the need for robust data governance and compliance measures to prevent similar incidents in the future.

Overall, this incident serves as a critical wake-up call for organizations relying on cloud infrastructures, highlighting vulnerabilities that must be addressed to secure sensitive data against escalating cyber threats. Security and compliance professionals should review and strengthen their security protocols, especially in light of dependencies on third-party services.

1 10 2 3 5 53 7 800 a Act administration age AI All America and app art as at ated aviation Bi breach business C CERN CI CIA cli client clients Cloud cloud computing cloud infrastructure co Col compliance compliance measures compliance professionals compromised Computing concerns consulting services core critical custom Customer cyber cyber threat cyber threats D data data breach data governance Data Protection data security de dependencies DoT e edge end environment environments event extraction face Fed file for future g git GitLab Go governance Governance and Compliance government government entities Group H hack hacker hackers hacking hacking group high Highlight HR http HTTPS impact implications implications for security in incident information infrastructure infrastructures Instance inux io Iron J k Key knowledge l large led Li Link linked Linux lm M man management measures media Mila mini Mobile N navy NIST no non o of on one ons organization organizations ory oS out over party party services point potential practices pre pro professionals protection protocol protocols ps public Q question R Raise rate RCE re red Red Hat remediation report response review Ro RoT s scope sec secure security security and compliance security incident security management security practices security protocols sensitive data sensitive information service Service Management services Sig Sim size sizes source SSE state STIG structures T T-Mobile taking ted the third third-party threat threats to Tor TP trade U.S. UN under up US use uth V val Vodafone vulnerabilities x z