ADT confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen records unless paid, saying it detected unauthorized access on April 20 and terminated the intrusion. The company said stolen data was limited mainly to names, phone numbers, and addresses, with a small number of records including dates of birth and the last four digits of Social Security numbers or Tax IDs, and that no payment information or home security systems were affected. #ADT #ShinyHunters
Keypoints
- ADT detected and stopped unauthorized access on April 20 and has contacted affected individuals.
- Stolen data primarily included names, phone numbers, and addresses, with a small subset containing DOBs and last four digits of SSNs or Tax IDs.
- ADT stated no payment information or customer security systems were accessed or compromised.
- ShinyHunters claims to have stolen over 10 million records and says it gained access via a vishing attack that compromised an employee’s Okta SSO and accessed Salesforce.
- Extortion actors continue to target corporate SSO accounts (Okta, Microsoft Entra, Google) to exfiltrate SaaS data for ransom; ADT previously disclosed breaches in August and October 2024.