AI News

Red Hat Confirms GitLab Breach Exposing 800 Customer Infrastructure Reports

Threat group Crimson Collective stole 570GB of data from 28,000 internal repositories affecting major enterprises.

Olivia Sharp 1 min read 571 views
Free
Red Hat confirmed a GitLab breach on October 2, 2025, exposing 800 customer infrastructure reports with credentials for Bank of America, JPMC, NSA, and other major organizations.

Breach Details

Red Hat confirmed on October 2, 2025, that threat group Crimson Collective stole 570GB of data from 28,000 internal GitLab repositories, exposing approximately 800 customer engagement reports containing credentials and infrastructure details. Affected organizations include Bank of America, JPMC, NSA, T-Mobile, AT&T, Verizon, Walmart, Kaiser, and Mayo Clinic according to leaked directory listings.

Compromised Data

The stolen information includes authentication tokens, database connection strings, full database URIs, CI/CD secrets, pipeline configurations, VPN profiles, Ansible automation playbooks, OpenShift deployment blueprints, container registry configurations, and Vault integration secrets. The breach occurred approximately two weeks before October 2 through …

Archive Access

This article is older than 24 hours. Create a free account to access our 7-day archive.

Sign Up for Free Archive Access Already have an account? Log in

Share this article

#research #enterprise

Related Articles