Over the past few months, we’ve been nudging you to build strong passwords, scrub your data from brokers, and freeze your credit. Now comes the moment when all that work pays off, because this just happened:
If that headline reads like technobabble soup, don’t worry. Let’s decode it.
Hackers broke into GitLab, a platform where developers store and manage code — basically, the nerve center of how software gets built. According to reports, the attackers stole 800 Customer Engagement Reports (CERs). These reports can include sensitive details like:
Infrastructure layouts
Configuration data
Authentication tokens
In plain English? Those CERs are keys to the castle, blueprints that could let attackers infiltrate hundreds of companies from the inside out.
And the list of affected organizations isn’t small. We’re talking: Bank of America, T-Mobile, AT&T, Fidelity, Kaiser, Mayo Clinic, Walmart, Costco, the FAA, the House of Representatives, and many others.
Between when we first wrote this and when we hit publish, just a few days apart, this happened: a major AWS outage took down access to banks, medical portals, and other everyday essentials. As of this writing, some of those systems are still flickering in and out. This isn’t an isolated event; it’s a thing that will continue to happen.
So please, treat it that way — not as a one-time pain in the neck, but as a reminder to shore up your own digital life. Follow the steps below. They’re not glamorous, but they work.
So what does this mean for you?
Even if you’ve never used GitLab or Red Hat, it means there’s now a higher risk of trickle-down trouble — from service outages to compromised customer data. In other words, your personal info might be fine today, but these things can cascade.
But, as the Hitchhiker’s Guide to the Galaxy says: Don’t panic.
What you can do (right now)
Add a few small safety steps to your routine:
Make backups.
If any of the companies you rely on go offline or get hit, you’ll still have your receipts, medical records, or those suspiciously affordable Halloween skeleton orders.Download or document your data.
If a site lets you export your info, do it, and store it on a local external drive. If not, screenshot pages with important details like statements or account history.
Bonus round
Set a monthly reminder to “download statements and take screenshots.” It’s a boring five minutes that saves hours of chaos later.
Constant vigilance (but make it sustainable)
Security isn’t a one-and-done task. It’s a rhythm. Just like checking your credit after the Experian hack, you’ll want to make digital check-ins part of your regular life.
A few good tools make this much easier:
A password manager keeps the chaos in line.
Dark web monitoring lets you know if your data leaks.
A financial tracker like YNAB helps you spot weird account activity while keeping your budget tidy.
For now, remember: having systems and backups in place means you can roll with the punches instead of taking the hit. It’s a little extra work, but it’s the kind that helps you sleep better at night — knowing your digital ducks are (mostly) in a row. Because the hacking doesn’t stop. The world spins, the tea brews, and someone, somewhere, is still trying to steal a password.
Join us for tea!
CybersecuriTea is a free, plain-English guide to digital safety, designed for families, friends, and the folks you love. Subscribe today and get weekly tips to help keep your digital life secure.
Or, if you’d like to support our work and keep the kettle warm for everyone:
Issue # 20
This content may contain affiliate links. If you choose to sign up or make a purchase through them, we may earn a small commission, at no additional cost to you. Thank you for supporting CybersecuriTea.
