ADT discloses second breach in 2 months, hacked via stolen credentials

Home and small business security company ADT disclosed it suffered a breach after threat actors gained access to its systems using stolen credentials and exfiltrated employee account data.

ADT is a public American company that specializes in security and smart home solutions for residential and small business customers. The firm employs over 14,000 people and has an annual revenue of $4.98 billion.

In a Monday evening FORM 8-K filing filed with the SEC, the company says that credentials were stolen from a third-party business partner that allowed threat actors to breach ADT's systems.

In response to the attack, ADT terminated the unauthorized access and began investigating the incident with third-party cybersecurity experts. As part of its investigations, it was determined that encrypted account data for employees was stolen in the attack.

"The Company promptly took steps to shut down the unauthorized access, notified the third party its systems had been compromised, launched an investigation, and implemented counter measures intended to safeguard the Company's information technology assets and operations," reads the ADT 8-K filing.

"ADT has hired leading third-party cybersecurity experts to assist with the Company's response to the incident, and is working closely with federal law enforcement. The Company is also cooperating closely with its third-party business partner to address the incident."

"The Company believes the unauthorized actor exfiltrated certain encrypted internal ADT data associated with employee user accounts during the intrusion."

ADT warns that their containment measures have caused some disruption to the Company's information systems, likely as they were shut down to prevent the further spread of the attack.

However, shutting down IT systems also prevents legitimate access to internal applications and data, temporarily disrupting business operations while servers and workstations are investigated and restored as necessary.

The company says its investigation does not indicate that customers' data or security systems have been compromised.

BleepingComputer asked ADT questions about the attack, but no response was immediately available.

No ransomware gangs or other threat actors have claimed responsibility for the attack.

This is the second ADT breach in two months, with the company warning in August that they suffered a data breach after a threat actor leaked 30,800 customer records, including customer emails, complete addresses, user IDs, and the products purchased, on a hacking forum.