Skip to main content
close search
site logo
Dive Brief

ADT employee account data stolen in cyberattack

The alarm system company said an attacker accessed its network with compromised credentials obtained from an unnamed third party.

Published Oct. 8, 2024
Matt Kapko's headshot
Senior Reporter
ADT sign outside of a private home
An ADT home security alarm sign is seen in front of a home on February 16, 2016, in Miami. The company disclosed a cyberattack on its network on Oct. 7, 2024. Joe Raedle via Getty Images

Dive Brief:

  • An attacker breached ADT’s systems using compromised credentials obtained from a third party, the alarm system company said Monday in a securities filing.
  • ADT said its efforts to contain the incident led to the disruption of some information systems. The company did not describe the nature of the attack or provide a timeline for how and when it discovered the intrusion into its systems. 
  • The incident marks the second attack targeting ADT in as many months. The company disclosed a separate cybersecurity incident in a securities filing on Aug. 7, which resulted in unauthorized access of databases containing ADT customer order information.

Dive Insight:

The attack on ADT underscores the persistent downstream risk of compromised credentials. Poor identity governance is a chronic condition that cybersecurity professionals, threat hunters and incident response firms have been sounding the alarm about for years.

Valid account compromises accounted for almost one-third of global cyberattacks in 2023, making them the most common initial access vector for intrusions, according to IBM X-Force’s Threat Intelligence report.

ADT said the attacker exfiltrated encrypted internal company data related to employee user accounts. “Based on its investigation to date, the company does not believe customers’ personal information has been exfiltrated, or that customers’ security systems have been compromised,” ADT said in the filing.

The company said it disrupted the unauthorized access, informed the unnamed third party of the breach and implemented “counter measures” to safeguard its IT assets and operations. The Florida-based company hired outside cybersecurity experts to assist with an investigation and ADT’s response to the incident.

“We are investigating a cyberattack on our network,” a company spokesperson said Tuesday via email.

The company declined to say if ransomware was involved or the type of disruptions it's experiencing as a result of its recovery efforts. The 150-year-old company has more than 6 million customers in the U.S.

Filed Under: Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell