Crimson CollectiveCrimson Collective

Also known as: Crimson Collective

Known aliases
1

Profile

The Crimson Collective is a cybercrime group that claimed to have compromised Red Hat's private GitHub repositories in September 2025. The group asserted it had stolen 570GB of data from Red Hat's private GitHub repositories, including 28,000 projects and approximately 800 Customer Engagement Reports (CERs) containing sensitive network data. CERs often contain sensitive information including infrastructure details, configurations, and tokens that attackers could exploit to target customers' networks. The group shared proof of the breach on a Telegram channel, including a full file tree, CER list, and screenshots. The U.S.-based multinational software company confirmed the data breach but did not verify the Crimson Collective's claims. The group also claimed to have gained access to some of Red Hat's client infrastructure and stated they had warned the company but were ignored.

Aliases· 1

Crimson Collective

References

  1. https://cybersecuritynews.com/red-hat-data-breach/
  2. https://www.techzine.eu/news/security/135120/red-hat-hit-by-github-breach-570gb-stolen-including-client-info/
  3. https://securityaffairs.com/182866/data-breach/cybercrime-group-claims-to-have-breached-red-hat-s-private-github-repositories.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Coinbase Cartel
Actor
RansomHouse
Actor
Lilac Typhoon
Actor
KromSec
Actor
Gitloker
Actor
Chronus Group
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.