Your data. Their breach. Your right to know.
Cybersecurity
101
ISSUE #001
MAY 1, 2026
WEEKLY EDITION
FREE TIER
4 active breaches this week 5.5M+ accounts exposed cybersecurity101.com

Welcome to Issue #1. Every week, we scan hundreds of cybersecurity sources and translate the hacks, leaks, and breaches into plain English — because you deserve to know when companies holding your data let hackers in. No jargon. No fluff. Just the facts, what they mean for you, and what to do about it.

🚨 Breach Alert This Week's Hacks
ADT — Home Security CRITICAL
ADT, one of America's most recognizable home security companies, was hit by a hacking group called ShinyHunters. Over 5.5 million customer accounts were stolen and are now circulating on the dark web. The stolen information includes names, email addresses, phone numbers, and home addresses.
🎒 Put simply
Imagine you hired a security guard to watch your house, and then a thief broke into the security guard's office and stole everyone's home addresses. That's what happened — the company paid to protect your home just leaked where you live to criminals.
Names & addresses Email addresses Phone numbers 5.5 million customers ⚠️ Phishing risk HIGH
SEIKO — Watchmaker (USA site) HIGH
Attackers hacked SEIKO's USA website and posted a ransom note publicly. The stolen data includes customer names, email addresses, phone numbers, purchase records, transaction details, and shipping references — essentially a full history of what you bought and where it was sent.
🎒 Put simply
A thief broke into SEIKO's online store's back room and made off with a list of every customer, what watch they bought, and where they live. They're now basically holding that information for ransom on the internet.
Purchase history Shipping addresses Transaction details Online shoppers affected
Salesforce via Gainsight HIGH
Hackers compromised a third-party app called Gainsight, which is connected to hundreds of companies using Salesforce. The breach affected data from over 200 companies, including Atlassian, Verizon, and others. This is a supply chain attack — they didn't break the main safe, they copied the master key.
🎒 Put simply
Think of a locksmith who makes keys for 200 different businesses. Hackers didn't break into each business — they just broke into the locksmith's shop and grabbed copies of everyone's keys at once. If you're a customer of any company that uses Salesforce, your data may have been inside.
Customer records 200+ companies affected Verizon • Atlassian Supply chain attack
Rituals — Beauty & Wellness MEDIUM
Rituals cosmetics disclosed a data breach exposing customers' full names, email addresses, phone numbers, dates of birth, gender, and home addresses. The breach was disclosed on April 22nd and the company says containment measures were taken immediately.
🎒 Put simply
If you shop at Rituals for candles, skincare, or gifts, a hacker now knows your name, birthday, where you live, and how to contact you. That's enough information to convincingly impersonate you or trick you with a very believable phishing email.
Dates of birth Home addresses Email & phone Loyalty customers
💡 Did You Know The Layman's Corner
241 days
That's how long it takes the average company to even notice they've been hacked.
That means hackers can be inside a company's systems, quietly reading your data, for over 8 months before anyone knows. By the time you get the breach notification letter in the mail, the damage was done months ago.
$50
The price of an employee's stolen login credentials on the dark web.
Hackers don't always need to break through walls. They just buy the front door key. "Initial Access Brokers" — actual hacker job titles — specialize in breaking into companies and selling access to other criminals. One stolen password = the keys to the kingdom.
11/day
That's how many data breaches are publicly disclosed every single day in America.
And that's just the reported ones. Many breaches are never made public, or are disclosed months later. Right now, there are likely dozens of companies whose systems have been broken into that you won't hear about for another six months.
📼 Hacker History Stories from the Dark Side
This week's story 2013
The Target Hack: How Hackers Stole 40 Million Credit Cards Through a Heating Company

It was the week before Christmas, 2013. Americans were flooding Target stores for holiday shopping. Unbeknownst to anyone, hackers had been silently sitting inside Target's payment systems for three weeks — skimming the credit and debit card information of every single person who swiped their card at a register.

Here's the wild part: they didn't get in through Target at all. They got in through Fazio Mechanical — a small Pennsylvania company that handled Target's refrigeration and HVAC systems. Fazio had a portal into Target's network so they could remotely monitor the heating units. The hackers broke into Fazio's computers, stole their login credentials, and used them to walk right through Target's back door.

Once inside, they installed malicious software on Target's point-of-sale systems — the card readers at checkout. Every card swipe was captured in real time. By the time it was over, 40 million credit and debit card numbers had been stolen, along with the personal data of 70 million customers. The breach cost Target over $200 million in damages and led to the resignation of their CEO.

The lesson

A chain is only as strong as its weakest link. The most sophisticated hackers rarely attack the main target head-on. They find the side door — a vendor, a contractor, a third-party app. This is exactly what happened to Salesforce this week through Gainsight. Same playbook, 13 years later.

🛠️ Fix It What You Can Do Right Now
🔒
Freeze your credit
Free at Equifax, Experian, and TransUnion. Stops new accounts from being opened in your name — even if hackers have your SSN.
🔑
Use a password manager
Bitwarden is free. One unique password per site means a breach at one company doesn't unlock everything else you own.
📧
Check HaveIBeenPwned
Visit haveibeenpwned.com and enter your email. It shows every breach your email has appeared in. Free, no signup needed.
🚨
Enable login alerts
Turn on 2FA and login notifications on every account that holds financial or health information. Your bank, Amazon, Google — all of them.
Partner
Want to remove your personal info from the internet entirely? DeleteMe is a service that continuously scrubs your name, address, and phone number from data broker sites. Learn more →

Get Real-Time Breach Alerts

Upgrade to Cybersecurity101 Pro and we'll notify you the moment a company you use gets hacked — before the news covers it. Add the companies you bank with, shop at, and trust with your health data. $60/year.

Upgrade to Pro — $60/yr