Tech

Hackers got data on 5.5 million ADT customers by phishing, report says

Apr 28, 2026 - 06:00
 0
Hackers got data on 5.5 million ADT customers by phishing, report says
Logo for security company ADT on installation van parked on street

Millions of people use security company ADT to protect their home or business. And yet their cybersecurity may have been compromised in the latest high-profile breach from hacking group ShinyHunters.

The website Have I Been Pwned reports that a ShinyHunters data breach included 5.5 million unique email addresses associated with ADT customers. ADT says that customers' payment information wasn't compromised.

Still, the company confirmed that the breach included customer names, phone numbers, and addresses, as well as Social Security and Tax ID numbers in a minority of cases.

"ADT's cybersecurity systems detected unauthorized access to a limited set of customer and prospective customer data on April 20," reads an ADT blog post confirming the breach. "The company's response protocols activated immediately — terminating the intrusion, launching a forensic investigation with leading third-party cybersecurity experts, and notifying law enforcement."

ShinyHunters told Bleeping Computer they gained access to the ADT Salesforce account by compromising an employee's Okta SSO login credentials. Bleeping Computer added that the hackers used voice phishing. The recent Panera Bread breach, also traced back to ShinyHunters, reportedly also involved SSO phishing.

Okta, a popular SSO service provider, recently warned about the prevalence of voice phishing attacks (also known as vishing) in a recent blog post, which included tips for guarding against these cyberattacks.

ShinyHunters is a prolific hacking organization. In recent months, the group has also been responsible for high-profile breaches involving Rockstar Games, Crunchyroll, Salesforce, Bumble, and others. Ransomware attacks may result.

In a typical ransomware attack, the hackers threaten to release or sell leaked customer or company data on the dark web unless the compromised organization agrees to pay a ransom.

Want to learn more about getting the best out of your tech? Sign up for Mashable's Top Stories and Deals newsletters today.

Read More

Related Posts

Interviews with 50+ current and ex-staffers reveal Google's two-year race to catch up with OpenAI, including through layoffs and lowering some guardrails (Wired)

Interviews with 50+ current and ex-staffers reveal Goog...

Mar 21, 2025  8

Cloudflare announces AI Labyrinth, which uses AI-generated content to confuse and waste the resources of AI Crawlers and bots that ignore "no crawl" directives (The Cloudflare Blog)

Cloudflare announces AI Labyrinth, which uses AI-genera...

Mar 21, 2025  5

Tencent says it has slowed the pace of its GPU rollout since implementing DeepSeek, and that most of its GPU capex goes toward its ad and gaming businesses (Simon Sharwood/The Register)

Tencent says it has slowed the pace of its GPU rollout ...

Mar 21, 2025  1

Sources: KKR, Coatue, and other ByteDance investors are exploring buying out Chinese investors from TikTok US to assure Trump that it is free of Chinese control (Financial Times)

Sources: KKR, Coatue, and other ByteDance investors are...

Mar 21, 2025  3

Top 10 AI Content Generator & Writer Tools in 2022

Top 10 AI Content Generator & Writer Tools in 2022

Mar 21, 2025  5

Micron Q2: revenue up 38% YoY to $8.05B, vs. $7.89B est., net income up 100% to $1.58B, data center revenue up 200%, and offers better-than-expected Q3 guidance (Ashley Capoot/CNBC)

Micron Q2: revenue up 38% YoY to $8.05B, vs. $7.89B est...

Mar 21, 2025  0