ADT confirms data breach after customer info leaked on hacking forum
American building security giant ADT confirmed it suffered a data breach after threat actors leaked allegedly stolen customer data on a popular hacking forum.
ADT is a public American company that specializes in security and smart home solutions for residential and small business customers. The firm employs 14,300 people, has an annual revenue of $4.98 billion, and serves approximately 6 million customers across 200 locations in the United States.
In a Thursday morning Form 8-K regulatory filing with the Securities and Exchange Commission (SEC), ADT says threat actors breached some of its databases and stole customer information.
"ADT Inc. recently experienced a cybersecurity incident during which unauthorized actors illegally accessed certain databases containing ADT customer order information," reads the 8-K filing.
"After becoming aware of the incident, the Company promptly took steps to shut down the unauthorized access and launched an investigation, partnering with leading third-party cybersecurity industry experts."
"The attackers nonetheless obtained some limited customer information, including email addresses, phone numbers, and postal addresses."
An investigation into the breach revealed that the exposed data includes limited customer information, email addresses, and locations.
Despite the cybersecurity incident, ADT says there is no evidence that customers' home security systems have been compromised. Also, ADT does not believe the attackers stole customers' credit card data or banking information.
ADT noted that affected people represent a small percentage of the company's overall client base; however, they did not provide any figures.
ADT data leaked on a hacking forum
While ADT did not share many details about the attack, on July 31st, a threat actor known as 'netnsher' leaked customer data allegedly stolen from ADT.
The threat actor says the leaked data includes 30,800 customer records, including customer emails, complete addresses, user IDs, and the products purchased.
In early July, another threat actor claimed to have leaked corporate files stolen from ADT in 2020-2023, but it is not believed to be related to this incident.
BleepingComputer has contacted ADT to learn more about the cyberattack, but a statement wasn't immediately available.
source: BleepingComputer
Free security scan for your website
Top News:
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
November 18, 2024CWE top 25 most dangerous software weaknesses
November 21, 2024Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
November 21, 2024APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
November 23, 2024Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs
November 23, 2024Download: CIS Critical Security Controls v8.1
August 8, 2024