On October 1, 2025, the cybercrime group "Crimson Collective" disclosed a breach of Red Hat's consulting GitLab instance, claiming to have extracted 570GB of data across 28,000 repositories, impacting approximately 800 organizations globally. The breach exposed sensitive information such as Customer Engagement Reports, infrastructure configurations, and authentication tokens, posing a significant risk to sectors like finance, technology, telecommunications, government, and healthcare. Red Hat confirmed the incident, emphasizing it affected only their consulting GitLab instance and not their other services, and began remediation efforts. The breach underscores the vulnerabilities associated with consulting firms, which aggregate sensitive data from multiple clients, highlighting the need for improved credential hygiene, secrets monitoring, and supply chain security governance to prevent cascading breaches. The incident also prompted a high-risk advisory from Belgium's Centre for Cybersecurity, warning organizations using Red Hat Consulting services of potential supply chain impacts.