黑客从红帽咨询公司的GitLab中窃取了570GB的敏感数据, Hackers stole 570GB of sensitive data from Red Hat’s consulting GitLab, including info from major firms like Bank of America and the U.S. Navy.

一个叫Crimson集团的黑客集团声称,它违反了红色帽子咨询公司GitLab案,盗取了来自28 000多个项目570GB的数据,包括敏感客户报告和美国银行、美国海军和T-Mobile等主要组织的技术细节。 A hacking group named the Crimson Collective claims to have breached Red Hat’s consulting GitLab instance, stealing 570GB of data from over 28,000 projects, including sensitive client reports and technical details from major organizations like Bank of America, the U.S. Navy, and T-Mobile. 据报告,被盗数据包括基础设施图、认证凭证和CI/CD文件。 The stolen data reportedly includes infrastructure diagrams, authentication tokens, and CI/CD files. Red Hat确认违规事件发生在非核心咨询环境中,表示受影响的系统是孤立的,正在进行法医调查,同时通知受影响的客户。 Red Hat confirmed the breach occurred in a non-core consulting environment, stated the affected system is isolated, and is conducting a forensic investigation while notifying impacted customers. 该公司强调,该事件不影响其核心产品,如Red Hat企业Linux。 The company emphasized the incident does not affect its core products like Red Hat Enterprise Linux. 违约情况突出显示,由于开发储存库配置错误和潜在的供应链威胁,风险日益增加,专家利用暴露系统细节警告可能发生的有针对性的袭击。 The breach highlights growing risks from misconfigured development repositories and potential supply-chain threats, with experts warning of possible targeted attacks using exposed system details.