ADT says hackers managed to slip into its systems and grab personal information for some current and prospective customers, and that those affected are already being notified and offered identity-protection services. The home-security giant is calling the breach limited in scope, stressing that core alarm systems and payment systems stayed locked down. If your data was involved, the company says you should receive more details directly.
ADT's statement and scope
In a post on its website, ADT said its cybersecurity team spotted unauthorized access to certain cloud-based environments on April 20, cut off the intrusion, brought in third-party forensic specialists, and notified law enforcement, according to ADT. The company says the information exposed was generally limited to names, phone numbers, and addresses. In a small percentage of cases, dates of birth and the last four digits of Social Security numbers or tax IDs were also involved. ADT emphasized that no payment information or customer alarm systems were touched.
Who claims responsibility and how
The extortion crew ShinyHunters is taking credit, posting a listing that claims it grabbed more than 10 million ADT records and demanding payment by April 27, according to BleepingComputer. The group told the outlet it pulled off the attack using voice-phishing (vishing) to compromise an employee's Okta single-sign-on account, then used that access to get into a Salesforce instance, a technique that has surfaced in other recent cloud-focused extortion schemes.
What ADT is doing and local reporting
ADT says it has directly notified everyone it believes was affected and will offer complimentary identity-protection services where appropriate, a point also highlighted by FOX 32 Chicago. The outlet, reporting from Orlando, noted that ADT has not publicly confirmed the full number of records the attackers claim to have in hand.
How to protect yourself
If a notification from ADT lands in your mailbox or inbox, federal consumer officials suggest standard damage-control steps: consider placing a fraud alert or credit freeze, keep a close eye on bank and credit-card statements, and file a report at IdentityTheft.gov, according to guidance from the FTC. Customers should also watch out for phishing emails, texts, or calls that piggyback on the breach and verify any recovery offers by contacting ADT through its official customer-service channels.
What happens next
ADT filed a regulatory disclosure about the incident on April 24 and told investors it does not currently expect the breach to have a material impact on its financial results, based on its incident-response review, according to reporting on the filing by Investing.com. The company says it will keep evaluating the scope of the intrusion and will update customers and regulators as its investigation moves forward.
