Ransomware victim disclosure
← All victimsRed Hat, Inc.
Claimed by Hunters International · listed 9 months ago
Status timeline
- ListedOct 5, 2025
- Data leakeddate unknown
At a glance
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Oct 5, 2025
About the victim
AI dossier — public-source company profileRed Hat, Inc. is a leading American multinational software company headquartered in Raleigh, North Carolina, specialising in open-source software products for enterprises. It is best known for Red Hat Enterprise Linux and also offers cloud computing, virtualisation, storage, and middleware solutions. Red Hat became a wholly owned subsidiary of IBM in 2019.
- Industry
- Open-Source Enterprise Software & Cloud Solutions
- Address
- 100 East Davie Street, Raleigh, NC 27601, United States
- Employees
- 10000+
- Founded
- 1993
Attack summary
Severity: high — Red Hat is a major enterprise software company and IBM subsidiary with a large customer and employee base; a confirmed data-published disclosure suggests successful exfiltration of potentially significant business or customer data, though the specific data types and volume are not detailed in the post.Hunters International claims to have attacked Red Hat, Inc. and has published data associated with the victim; the specific nature of exfiltration or encryption is not detailed in the truncated post, but the disclosed status indicates data has been published.
Data the group says was taken
AI dossier — extracted from the leak post- Corporate data (unspecified)
Original description
AI-summarised, not from the leak postRed Hat, Inc. is a leading American multinational software company that provides open-source software products to businesses. It became a subsidiary of IBM in 2019. The company is best known for Red Hat Enterprise Linux, a top-level operating system. Other notable offering includes its architecture service, cloud computing (virtualization), and storage solutions.
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

