Hackers got data on 5.5 million ADT customers by phishing, report says
Source: Mashable Tech
Millions of people use security company ADT to protect their home or business, but their cybersecurity may have been compromised in a recent breach attributed to the hacking group ShinyHunters.
Scope of the Breach
- The breach exposed 5.5 million unique email addresses linked to ADT customers, as reported by Have I Been Pwned.
- ADT confirmed that payment information was not compromised, but the leak included customer names, phone numbers, addresses, and in a minority of cases, Social Security and Tax ID numbers.
ADT’s Response
“ADT’s cybersecurity systems detected unauthorized access to a limited set of customer and prospective customer data on April 20,” reads the ADT blog post confirming the breach. “The company’s response protocols activated immediately — terminating the intrusion, launching a forensic investigation with leading third‑party cybersecurity experts, and notifying law enforcement.”
How the Attack Was Executed
- ShinyHunters accessed ADT’s Salesforce environment by compromising an employee’s Okta SSO login credentials.
- The group employed voice phishing (vishing) to obtain the credentials, as detailed by Bleeping Computer.
- Okta has warned about the rise of vishing attacks in a recent blog post, offering tips for protection.
Related Threats and Recent Breaches
ShinyHunters has been linked to several high‑profile incidents, including:
- Panera Bread – another SSO phishing‑based breach.
- Rockstar Games – see the Mashable report.
- Crunchyroll – see the Mashable report.
- Salesforce – see the Mashable report.
- Bumble – see the Mashable report.
Ransomware Risks
In typical ransomware scenarios, attackers threaten to release or sell leaked data on the dark web unless the targeted organization pays a ransom. While no ransom demand has been disclosed for the ADT incident, the possibility remains a concern for affected parties.