ADT Faces Class Action Lawsuit Over April 2026 Data Breach Exposing 10 Million Records
A proposed class action lawsuit alleges that ADT, a major provider of residential and commercial security services, failed to implement adequate cybersecurity measures, leading to a significant data breach in April 2026. The attack, claimed by the cybercriminal group ShinyHunters, resulted in the unauthorized access of over 10 million records containing sensitive customer information.
The 35-page complaint details that the breach, occurring on or around April 20, 2026, exposed personally identifiable information (PII), including names, phone numbers, addresses, dates of birth, partial Social Security numbers, and tax IDs. The lawsuit argues that ADT, aware of its status as a high-value target due to the volume and sensitivity of data it collects, neglected to follow Federal Trade Commission (FTC) guidelines on data protection.
The suit further contends that ADT’s response to the breach has been insufficient. While the company issued a public statement four days after the incident, affected individuals remain uninformed about the specifics of the breach, the exact data compromised, and the steps ADT has taken to mitigate the damage. The complaint also criticizes ADT for failing to provide timely notifications and the promised identity protection services.
The exposed data, particularly Social Security numbers, places victims at long-term risk of identity theft, fraud, and phishing attacks. The lawsuit seeks to represent all U.S. individuals whose information was compromised in the breach.
ADT Security Services cybersecurity rating report: https://www.rankiteo.com/company/adt-security-services
"id": "ADT1779222519",
"linkid": "adt-security-services",
"type": "Breach",
"date": "5/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '10 million',
'industry': 'Security Services',
'location': 'United States',
'name': 'ADT',
'size': 'Large',
'type': 'Company'}],
'customer_advisories': 'Affected individuals remain uninformed about '
'specifics of the breach and mitigation steps',
'data_breach': {'number_of_records_exposed': '10 million',
'personally_identifiable_information': 'Names, phone numbers, '
'addresses, dates of '
'birth, partial Social '
'Security numbers, tax '
'IDs',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Partial Social Security Numbers',
'Tax IDs']},
'date_detected': '2026-04-20',
'date_publicly_disclosed': '2026-04-24',
'description': 'A proposed class action lawsuit alleges that ADT failed to '
'implement adequate cybersecurity measures, leading to a '
'significant data breach in April 2026. The attack, claimed by '
'the cybercriminal group ShinyHunters, resulted in the '
'unauthorized access of over 10 million records containing '
'sensitive customer information, including PII such as names, '
'phone numbers, addresses, dates of birth, partial Social '
'Security numbers, and tax IDs.',
'impact': {'brand_reputation_impact': 'Negative',
'data_compromised': '10 million records',
'identity_theft_risk': 'High',
'legal_liabilities': 'Class Action Lawsuit'},
'motivation': 'Data Theft',
'post_incident_analysis': {'root_causes': 'Inadequate cybersecurity measures'},
'references': [{'source': 'Class Action Lawsuit Complaint'}],
'regulatory_compliance': {'legal_actions': 'Class Action Lawsuit',
'regulations_violated': 'Federal Trade Commission '
'(FTC) guidelines on data '
'protection'},
'response': {'communication_strategy': 'Public statement issued four days '
'after the incident'},
'threat_actor': 'ShinyHunters',
'title': 'ADT Faces Class Action Lawsuit Over April 2026 Data Breach Exposing '
'10 Million Records',
'type': 'Data Breach'}