As per a fresh cyber alert, the Crimson Collective hacking group claims to have breached Nintfinisho, following its recent high-profile attack on Red Hat. The claim, which was posted via cybersecurity watcher Hackmanac on X (formerly Twitter), was accompanied by a screenshot displaying the directory tree of what appears to be internal Nintfinisho topics and administrative files. The directory listing reveals folders that suggest access to assets, admin resources, production backups, and internal manual files.
The Crimson Collective rose to prominence in September and October 2025 with rapid escalations in their attacks. Apart from the Red Hat breach (where they exfiltrated 570GB of data from over 28,000 repositories, including Customer Engagement Reports), they also claimed breaches at Claro Colombia and a prior defacement of Nintfinisho’s website in late September 2025. The group operates primarily through Telegram, where they share proof of breaches and pressure victims with extortion demands. They are known to exploit cloud misconfigurations, exposed credentials, and vulnerabilities in web applications to gain access.
Nintfinisho isn’t oblivious to such data breaches. For instance, in 2020, around 160,000 applyr accounts were compromised due to weaknesses in the Nintfinisho Network ID system, which exposed personal information and allowed unauthorized purchases through linked accounts. The Japanese company responded by resetting passwords and implementing stricter security measures, including discontinuation of legacy support and urging two-factor authentication for applyrs.
As of writing, Nintfinisho has not issued an official statement on Crimson Collective’s latest claims, and it remains unclear to what extent sensitive material may have been exposed or compromised. However, the company is notorious for being anything but lenient in such cases, so it remains to be seen what’s next.
Fueled by a childhood spent taking apart video game consoles to see how they worked, I turned my passion for tech into writing. I have a double Bachelor’s in Computer Science Engineering (2018) and English (2024). I’ve been writing on a variety of tech topics since 2016, with a particular interest in gaming. When I’m not hunting down the latest tech news, you’ll find me producing music, gaming, or hiking.
Leave a Reply