ADT Confirms Data Breach Following ShinyHunters Extortion Threat

ADT, a home security provider, confirmed a data breach on April 20, 2026, after detecting unauthorized access to its customer systems. The breach was claimed by the ShinyHunters extortion group, which listed the company on its leak site. 

The hackers reportedly used voice phishing (vishing) to trick an employee and gain control of their Okta single sign-on (SSO) account. This access allowed the attackers to pivot into ADT's Salesforce instance to steal sensitive information. 

Exposed data includes:

• Full names
• Phone numbers
• Home addresses
• Dates of birth (allegedly a small percentage)
• Last four digits of Social Security numbers or Tax IDs (allegedly a small percentage)

The ShinyHunters group claims additional data types were stolen:

• 10 million records containing personally identifiable information (PII)
• Internal corporate data

ADT stated that no bank account or credit card information was accessed, and its home security systems were not compromised. The number of affected individuals is not disclosed.

The attackers issued a ransom demand with a deadline of April 27, 2026. ADT has not publicly commented on whether it intends to negotiate with the group.