Red Hat, the IBM-owned open-source software leader, confirmed on Thursday that one of its GitLab instances was compromised after a threat actor publicly claimed to have stolen sensitive data belonging to both the company and its customers.
According to Red Hat, the breach was identified after unusual activity was detected on the GitLab server. The company immediately launched an investigation and restricted access to the affected system to contain the incident. While Red Hat has not disclosed the full scope of the compromise, early reports suggest that proprietary source code repositories and customer-related information may have been exposed.
The hacking claims first surfaced on underground forums earlier this week, where a cybercriminal alleged possession of confidential data taken from Red Hat’s internal GitLab environment. Although Red Hat has not yet confirmed whether these claims are accurate, the company is working closely with cybersecurity experts to validate the extent of the data theft.
A spokesperson for Red Hat stated:
“We are aware of unauthorized access to one of our GitLab instances. Protecting our customers and their data is our highest priority, and we are actively investigating the matter with urgency.”
This incident underscores the growing risks faced by organizations that rely on collaborative development platforms like GitLab and GitHub. Cybercriminals have increasingly targeted such environments to steal source code, exploit supply chain weaknesses, or leverage insider information.
Security analysts warn that if sensitive code or credentials were indeed stolen, the attack could have downstream effects on Red Hat’s ecosystem, including enterprise users who rely on its software for critical infrastructure and cloud environments.
For now, Red Hat has assured customers that its major products and services remain unaffected. Additional updates are expected as the investigation progresses.
