It's assumed that given the information that RedHat picked up the phone and called the FBI
(who handles computer crime cases). Once that phone call is made Redhat will be "asked" to not
release any information that would interfere with the investigation.
Any breach where the Fed's don't get involved is a breech that wasn't reported to the Fed's.
Personally I wouldn't trust any company that doesn't call the cops when their business is
broken into, whether physical or informational.