Cyber crime

ADT data breach exposes over 30,000 customer records

Catherine Chipeta
3 Min
AD

American building security giant ADT has confirmed a data breach affecting over 30,000 customers after threat actors illegally accessed databases containing customer information. The firm, which serves approximately 6 million customers across 200 locations in the United States and has an annual revenue of $4.98 billion, disclosed the breach in a Form 8-K regulatory filing with the Securities and Exchange Commission (SEC).

Key details

  • ADT confirms data breach affecting customer databases
  • Exposed information includes email addresses, phone numbers, and postal addresses
  • Over 30,000 customer records allegedly leaked on a hacking forum
  • No evidence of compromised home security systems or financial information
  • Investigations into the breach are ongoing

How did the ADT data breach occur?

According to the 8-K filing, ADT became aware of unauthorized access to certain databases.

“After becoming aware of the incident, the company promptly took steps to shut down the unauthorized access and launched an investigation, partnering with leading third-party cybersecurity industry experts,” the filing states.

What data was exposed in the ADT data breach?

The exposed data includes limited customer information such as email addresses, phone numbers, and postal addresses. ADT stated that there is no evidence that customers’ home security systems were compromised or that credit card and banking information was stolen.

While ADT noted that affected individuals represent a small percentage of its overall client base, they did not provide specific figures. However, a threat actor known as ‘netnsher’ claimed to have leaked 30,800 customer records on a popular hacking forum. The leaked data allegedly includes customer emails, complete addresses, user IDs, and information about purchased products.

Ongoing investigation and company response

The investigation into the current breach is ongoing, and ADT has notified customers it believes to have been affected. The company does not expect the security breach to significantly impact its operations or financial condition.

This isn’t the first time ADT has faced security issues. In 2021, a former technician confessed to secretly viewing customer security cameras nearly 10,000 times over a four-year period by adding his own email to customer accounts.

Stolen data elevates cyber risks for your AP team

Cyber attacks have severe repercussions for both organizations and individuals, and their impact can extend even to those not directly targeted. Like the ongoing Snowflake data breach that left over 73 million AT&T customers’ data exposed.

Accounts payable (AP) and finance professionals are often on the frontline against business scams and cybercrime. With stolen data enabling further fraudulent activities, it’s crucial to focus on two key areas for protection:

  • Employee awareness: Ensure your team is informed and vigilant about potential scams and their warning signs. Regular training is essential, along with keeping employees updated on the latest breaches, risks, and scam tactics as part of a strong cyber awareness culture.
  • Anti-fraud processes: Human error is inevitable, so relying solely on employee awareness isn’t enough. Implement automated and centralized anti-fraud controls, such as segregation of duties, to create a robust defense against fraud.
Is your data leaked online?
Use our free data breach checker tool to see if your data has been exposed in a breach.

Related articles

The new security standard for business payments

Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.