Red Hat Consulting breach puts over 5000 high profile enterprise customers at risk — in detail

Red Hat Consulting suffered a major data breach affecting over 5,000 enterprise customers. The extortion group Crimson Collective, allegedly linked to LAPSUS$ members, claims to have stolen 32 million files including consultancy reports, source code, and sensitive credentials for organizations like HSBC, Walmart, and ING Bank. The breach occurred on September 13, 2025, and exposed private certificates, stored credentials, and customer documentation. Impacted organizations should contact Red Hat support to obtain stolen files and implement remediation measures including certificate rotation and credential changes.