American company ADT, which is the largest provider of home security services in the country, reported a large-scale leak of customer data due to a hacker attack, writes Bleeping Computer. The incident happened on April 20 and the company said that it has already contacted all the affected persons and is conducting an investigation.
ADT did not say how many of its customers were affected by the breach, but it said the attackers stole customers’ names, phone numbers, dates of birth and addresses, as well as the last four digits of some Social Security numbers or tax identification numbers. At the same time, the company emphasized that bank accounts and payment information were not affected.
Hacker group ShinyHunters claimed responsibility for the attack. It claims to have obtained the data of more than 10 million customers, as well as internal corporate information. On its resource, the group issued a ransom demand to the company, threatening to publish the stolen information in case of refusal to pay. The exact amount of the buyout is currently unknown.
Hackers told BleepingComputer that they allegedly hacked ADT using voice phishing, compromising an employee’s Okta single sign-on (SSO) account. According to the attackers, they later used this account to access the company’s Salesforce environment and steal data.
ShinyHunters set a deadline of April 27 for a response, threatening further “digital problems” if the company didn’t get in touch.
At the time of publication, it had not been confirmed whether ADT had entered into negotiations with the attackers.
Recall that ShinyHunters recently also claimed responsibility for the hack Vercel cloud development platform and video game publisher Rockstar Games. Hackers also demanded a monetary ransom from them and disclosure of stolen data in case of refusal.
Share:
