ADT says customer data stolen in cyber intrusion

The home security company ADT said cybercriminals breached company systems on Monday and stole a “limited set” of customer and prospective customer information.

An investigation into the incident found the stolen information ranged from names, phone numbers, addresses and dates of birth to the last four digits of Social Security numbers and tax IDs. No payment data was stolen and an ADT spokesperson said “customer security systems were not affected or compromised in any way.”

The company did not respond to questions about the number of people impacted or if a ransom was offered. On Thursday, a cybercriminal group claimed to have stolen 10 million records containing personal information and threatened to leak the data if the company did not pay a ransom. 

ADT said it has directly notified all impacted individuals and “will offer complimentary identity protection services where appropriate.” Law enforcement has been notified of the attack, according to the spokesperson, and third-party cyber experts have been brought in. 

The Florida-based company is the leading provider of alarm monitoring systems, reporting $5.1 billion in revenue last year. ADT has reported multiple cybersecurity breaches and intrusions over the last two years to the Securities and Exchange Commission, including incidents involving customer and employee data.

ADT is the latest victim in the most recent string of attacks launched by the ShinyHunters cybercriminal operation. In April alone, the group targeted gaming giant Rockstar and education company McGraw Hill. 

Law enforcement appeared to get the upper hand against the group through the end of 2025 after a run of industry-specific attacks in the summer. A British member of ShinyHunters pleaded guilty last week and is facing up to 22 years in prison while another member is serving a 10-year sentence. 

The group resurfaced with a new data leak site earlier this year and again claimed several high-profile incidents involving attacks on dating app companies Bumble and Match Group, Canada Goose, the University of Pennsylvania and the European Commission.