ADT says hacker stole encrypted internal employee data after compromising business partner

Omega Balla
Home security giant ADT said in a regulatory filing on Monday that a hacker compromised the systems of a third-party business partner and used it to steal encrypted internal employee data.

Home security giant ADT said in a regulatory filing on Monday that a hacker compromised the systems of a third-party business partner and used it to steal encrypted internal employee data.

ADT did not say when the incident occurred in its filing with the U.S. Securities and Exchange Commission,  but explained that it is working with federal law enforcement in response to the breach.

“ADT Inc. recently became aware of unauthorized activity on the Company’s network, and discovered an unauthorized actor had illegally accessed ADT’s network using compromised credentials obtained through a third-party business partner,” the company said

“The Company believes the unauthorized actor exfiltrated certain encrypted internal ADT data associated with employee user accounts during the intrusion. Based on its investigation to date, the Company does not believe customers’ personal information has been exfiltrated, or that customers’ security systems have been compromised.”

The person’s access was shut down and the business partner was notified that their systems had been compromised, according to ADT, and the company is working with them on the investigation.

Unspecified “countermeasures” were initiated and ADT warned that its containment measures have “resulted in some disruptions to the Company’s information systems.”

ADT did not respond to requests for comment about when this incident occurred, how many employees were affected and what kind of employee information was taken during the incident. 

The Florida-based ADT, which has evolved numerous times since its founding in 1874, reported $1.2 billion in earnings last quarter through its sale of alarm monitoring services for homes and businesses. 

The security incident comes just two months after ADT issued another SEC filing confirming that hackers stole databases containing ADT customer order information. The filing was made in response to dark web cybercriminal forum posts made by the hackers in July attempting to sell the stolen data. 

CybercrimeIndustryNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Ukrainian pleads guilty to running Raccoon Infostealer malware, agrees to pay nearly $1 million

Next Post

MoneyGram says customer information stolen during September attack

Related Posts

TechEd 2024

May 21-23, 2024Location: Prague, Czech Republic The upcoming event TechEd 2024 the largest Czech&Slovak IT conference has arrived!…
Avatar
Read More

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation

Fortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild. Tracked as CVE-2024-47575 (CVSS score: 9.8), the vulnerability is also known as FortiJump and is rooted in the FortiGate to FortiManager (FGFM) protocol. "A missing authentication for critical function vulnerability [CWE-306] in FortiManager fgfmd daemon may
Avatar
Read More