ADT says hacker stole encrypted internal employee data after compromising business partner
Home security giant ADT said in a regulatory filing on Monday that a hacker compromised the systems of a third-party business partner and used it to steal encrypted internal employee data.
ADT did not say when the incident occurred in its filing with the U.S. Securities and Exchange Commission, but explained that it is working with federal law enforcement in response to the breach.
“ADT Inc. recently became aware of unauthorized activity on the Company’s network, and discovered an unauthorized actor had illegally accessed ADT’s network using compromised credentials obtained through a third-party business partner,” the company said.
“The Company believes the unauthorized actor exfiltrated certain encrypted internal ADT data associated with employee user accounts during the intrusion. Based on its investigation to date, the Company does not believe customers’ personal information has been exfiltrated, or that customers’ security systems have been compromised.”
The person’s access was shut down and the business partner was notified that their systems had been compromised, according to ADT, and the company is working with them on the investigation.
Unspecified “countermeasures” were initiated and ADT warned that its containment measures have “resulted in some disruptions to the Company’s information systems.”
ADT did not respond to requests for comment about when this incident occurred, how many employees were affected and what kind of employee information was taken during the incident.
The Florida-based ADT, which has evolved numerous times since its founding in 1874, reported $1.2 billion in earnings last quarter through its sale of alarm monitoring services for homes and businesses.
The security incident comes just two months after ADT issued another SEC filing confirming that hackers stole databases containing ADT customer order information. The filing was made in response to dark web cybercriminal forum posts made by the hackers in July attempting to sell the stolen data.
Jonathan Greig
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.