Home security giant ADT says hackers used stolen credentials to hack into its systems

American home security giant ADT has disclosed a data security incident that involved a threat actor infiltrating its systems by using valid credentials stolen from a third-party business partner.

 

In a recent filing with the U.S. Securities and Exchange Commission, ADT said that it recently detected unauthorised activity in its internal network and quickly launched an investigation with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

The investigation revealed that an unauthorised threat actor gained illegal access to ADT’s internal network by using credentials obtained through one of the company’s business partners.

 

ADT promptly took steps to eliminate the unauthorised access and notified the third party that its systems had been compromised. It also “implemented counter measures intended to safeguard the Company’s information technology assets and operations” and notified federal law enforcement about the incident.

 

“The Company believes the unauthorised actor exfiltrated certain encrypted internal ADT data associated with employee user accounts during the intrusion,” ADT said in its filing. “Based on its investigation to date, the Company does not believe customers’ personal information has been exfiltrated, or that customers’ security systems have been compromised.

 

“ADT’s containment measures have resulted in some disruptions to the Company’s information systems,” the home security company added.

 

ADT’s latest announcement follows another data security incident the company suffered in August that involved threat actors infiltrating its internal network and gaining access to “certain databases containing ADT customer order information.”

 

While ADT did not reveal the nature of the cyber attack, it did say that the hackers responsible for the cyber attack accessed certain sensitive personal information of its customers. The compromised data included email addresses, phone numbers and postal addresses.

 

On July 31, a threat actor going by the name “netnsher” leaked a database on the dark web allegedly stolen from ADT. According to the hacker’s post, the database contained 30,800 customer records, including customer emails, complete addresses, user IDs, and the products purchased.