ADT Confirms Data Breach as ShinyHunters Claim Millions More Records Exposed

ADT has confirmed a data breach involving customer and prospective customer information, while the ShinyHunters hacking group claims the incident is far larger than the company acknowledges.

The Florida‑based home‑security company said it immediately brought in external cybersecurity investigators and notified federal authorities once the breach was identified. According to ADT, the compromised data set included names, phone numbers, and physical addresses, with a smaller number of individuals also affected by exposure of dates of birth and the last four digits of Social Security numbers or Tax Identification Numbers. The company emphasized that no financial information was accessed and that customer alarm systems and monitoring services were not impacted.

ADT stated that all affected individuals have been notified and will receive complimentary identity‑protection services. The incident has taken on new urgency after ShinyHunters, a well‑known cybercriminal group, claimed responsibility and alleged that the breach is far larger than ADT has acknowledged. On its leak site, the group asserted that it obtained more than 10 million records containing personal information and internal corporate data, issuing a public ultimatum demanding contact by April 27 before releasing the stolen material. The breach has also been added to the breach‑notification service Have I Been Pwned, which estimates that roughly 5.5 million records may have been exposed.

This marks another security challenge for ADT, which previously reported a similar incident in 2024. ShinyHunters, meanwhile, has been linked to a string of high‑profile attacks in recent months, including intrusions involving major technology firms and government entities. Despite arrests of several members in recent years, the group continues to operate aggressively.