It will probably take a bit of time. A breach of a publically traded company will be
investigated by various US Federal law enforcement and possibly other agencies(not sure if the
stock people have to look).. those agencies will put a legal clamp on releasing any
information until their investigation is done and they are sure that releasing the information
will not damage their investigation or possible future court case.
That basically means that Red Hat/Fedora can't say anything without getting an ok from their
legal who has to get an ok from the various investigating groups who will have to co-ordinate
with each other to give an ok.