ADT says customer data stolen in cyber intrusion

IMAGE: THE BLOWUP / UNSPLASH ADT says customer data stolen in cyber intrusion The home security company ADT said cybercriminals breached company systems on Monday and stole a “limited set” of customer and prospective customer information. An investigation into the incident found the stolen information ranged from names, phone numbers, addresses and dates of birth to the last four digits of Social Security numbers and tax IDs. No payment data was stolen and an ADT spokesperson said “customer security systems were not affected or compromised in any way.” The company did not respond to questions about the number of people impacted or if a ransom was offered. On Thursday, a cybercriminal group claimed to have stolen 10 million records containing personal information and threatened to leak the data if the company did not pay a ransom.  ADT said it has directly notified all impacted individuals and “will offer complimentary identity protection services where appropriate.” Law enforcement has been notified of the attack, according to the spokesperson, and third-party cyber experts have been brought in.  The Florida-based company is the leading provider of alarm monitoring systems, reporting $5.1 billion in revenue last year. ADT has reported multiple cybersecurity breaches and intrusions over the last two years to the Securities and Exchange Commission, including incidents involving customer and employee data. ADT is the latest victim in the most recent string of attacks launched by the ShinyHunters cybercriminal operation. In April alone, the group targeted gaming giant Rockstar and education company McGraw Hill.  Law enforcement appeared to get the upper hand against the group through the end of 2025 after a run of industry-specific attacks in the summer. A British member of ShinyHunters pleaded guilty last week and is facing up to 22 years in prison while another member is serving a 10-year sentence.  The group resurfaced with a new data leak site earlier this year and again claimed several high-profile incidents involving attacks on dating app companies Bumble and Match Group, Canada Goose, the University of Pennsylvania and the European Commission. Previous article Next article Pentagon grapples with securing AI as it moves toward autonomous warfare Iran’s cyber threat may be less ‘shock and awe’ than ‘low and slow,’ officials say Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.