ADT Suffers Data Breach as ShinyHunters Claims Theft of 10 Million Records
ADT, the Florida-based home security provider, confirmed a cyberattack on Monday that resulted in the theft of customer and prospective customer data. The breach exposed names, phone numbers, addresses, dates of birth, and the last four digits of Social Security numbers and tax IDs though payment data and security systems remained unaffected.
While ADT did not disclose the number of impacted individuals or whether a ransom was demanded, the cybercriminal group ShinyHunters later claimed responsibility, alleging the theft of 10 million records and threatening to leak the data unless paid. ADT has notified affected customers and is offering identity protection services where necessary. Law enforcement has been alerted, and third-party cybersecurity experts are assisting in the investigation.
This incident marks the latest in a series of attacks by ShinyHunters, which has targeted high-profile organizations in recent months, including Rockstar Games, McGraw Hill, Bumble, and the European Commission. The group resurfaced earlier this year after a period of reduced activity, following legal setbacks in 2025 when two members were sentenced one to 22 years in prison and another to 10 years.
ADT, which reported $5.1 billion in revenue last year, has faced multiple cybersecurity breaches in the past two years, including prior incidents involving customer and employee data. The company continues to respond to the latest attack as authorities monitor the situation.
Source: https://therecord.media/ADT-data-breach-cyberattack
ADT cybersecurity rating report: https://www.rankiteo.com/company/adt
"id": "ADT1777062235",
"linkid": "adt",
"type": "Breach",
"date": "4/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '10 million (alleged)',
'industry': 'Home Security',
'location': 'Florida, USA',
'name': 'ADT',
'size': 'Large (Reported $5.1 billion in revenue last '
'year)',
'type': 'Company'}],
'customer_advisories': 'Notified affected customers, offering identity '
'protection services',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '10 million (alleged)',
'personally_identifiable_information': 'Names, phone numbers, '
'addresses, dates of '
'birth, last four '
'digits of Social '
'Security numbers and '
'tax IDs',
'sensitivity_of_data': 'High (includes partial SSNs and tax '
'IDs)',
'type_of_data_compromised': 'Personal Identifiable '
'Information (PII)'},
'description': 'ADT, the Florida-based home security provider, confirmed a '
'cyberattack resulting in the theft of customer and '
'prospective customer data. The breach exposed names, phone '
'numbers, addresses, dates of birth, and the last four digits '
'of Social Security numbers and tax IDs. ShinyHunters claimed '
'responsibility, alleging the theft of 10 million records and '
'threatening to leak the data unless paid.',
'impact': {'brand_reputation_impact': 'Yes',
'data_compromised': 'Names, phone numbers, addresses, dates of '
'birth, last four digits of Social Security '
'numbers and tax IDs',
'identity_theft_risk': 'Yes',
'payment_information_risk': 'No'},
'investigation_status': 'Ongoing',
'motivation': 'Financial Gain',
'ransomware': {'data_exfiltration': 'Yes'},
'references': [{'source': 'Cyber Incident Report'}],
'response': {'communication_strategy': 'Notified affected customers, offering '
'identity protection services',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes',
'third_party_assistance': 'Yes (cybersecurity experts)'},
'threat_actor': 'ShinyHunters',
'title': 'ADT Data Breach by ShinyHunters',
'type': 'Data Breach'}