10TH AUG 2024
ADT, a major American provider of building security services, has confirmed a data breach that led to the exposure of customer data, which was subsequently leaked on a well-known hacking forum.
ADT, a publicly traded company, is renowned for its security and smart home solutions for residential and small business clients throughout the United States. The company employs approximately 14,300 people, generates annual revenue of $4.98 billion, and serves around 6 million customers across 200 locations.
In a recent regulatory filing with the Securities and Exchange Commission (SEC), ADT revealed that threat actors had breached its databases, gaining access to sensitive customer information. The disclosure was made in a Form 8-K filing submitted on Thursday morning.
"ADT Inc. recently experienced a cybersecurity incident during which unauthorized actors illegally accessed certain databases containing ADT customer order information," the filing stated. "Upon discovering the incident, the company took immediate steps to halt the unauthorized access and launched an investigation, collaborating with leading third-party cybersecurity experts."
The compromised data reportedly includes limited customer information such as email addresses, phone numbers, and postal addresses. However, ADT has assured customers that there is no indication their home security systems were compromised. The company also stated that there is no evidence to suggest that credit card or banking information was accessed during the breach.
While ADT did not disclose the number of affected customers, it noted that they represent a small percentage of its overall client base.
The breach was made public when a threat actor known as 'netnsher' posted what they claimed to be 30,800 customer records allegedly stolen from ADT on a hacking forum on July 31st. The leaked data reportedly includes customer emails, full addresses, user IDs, and details of purchased products.
Earlier in July, a separate threat actor claimed to have leaked corporate files allegedly stolen from ADT between 2020 and 2023. However, this earlier incident is not believed to be connected to the recent breach.
ADT has yet to provide a detailed statement on the breach or the extent of the data compromised. Till the filing of this report, no immediate response was available.
This incident underscores the ongoing cybersecurity risks facing companies that manage sensitive customer data, highlighting the critical need for strong security measures and swift response strategies to mitigate the damage caused by such breaches.
