ADT reveals another major network breach, but says no customer data was exposed
ADT has confirmed that it has suffered a cyber attack in which criminals stole sensitive information from its systems.
In one 8-K form filed with the US Securities and Exchange Commission (SEC), the US home security system provider said it “recently became aware” of unauthorized activity on its network.
The subsequent investigation confirmed that a threat actor managed to gain access to the company’s infrastructure using compromised credentials obtained through a third-party business partner. The company did not say which business partner was compromised – TechRadar Pro has contacted ADT with further questions.
Ransomware or no ransomware
Before being kicked out, the hackers managed to exfiltrate some information from ADT’s servers, the company confirmed. This includes encrypted data associated with employee user accounts. Customer information, including information about their security systems, has not been compromised, ADT confirmed.
To contain the incident, ADT expelled the attacker and engaged a third-party cybersecurity firm to assist with the investigation and forensic analysis. The company also notified the third party of the breach of its infrastructure and contacted law enforcement. It confirmed that the containment measures resulted in “some disruptions” to the IT network, but did not provide further details.
This isn’t the first time ADT has had to put out a cybersecurity fire, as it faced a similar incident in June 2024 where threat actors gained access to customer order data, as well as “restricted” customer information, including email addresses and phone numbers of people. and postal addresses.
At the time, the company said there was no evidence that further customer information, such as credit card details or banking details, had been compromised, and that the company’s home security systems are also secure. The data was later leaked on the infamous Breached forums by a poster named “netnsher”, who claimed to have access to a database containing more than 30,812 records, including 30,400 unique emails.
Via BleepingComputer
