ADT Discloses Second Breach in 2 Months, Hacked Via Stolen Credentials
Summary:
Security giant ADT disclosed it suffered a breach after actors gained access to its systems using stolen credentials and exfiltrated employee account data. On Monday, ADT filed a 8-K filing with the SEC, noting that the credentials were stolen from a third-party business partner, thus enabling the actors to breach ADT systems. ADT has since then terminated the unauthorized access and initiated an investigation with the help of third-party cyber security experts. According to ADT, encrypted account data for employees was stolen in the attack. As of writing, the company does not have evidence to suggest that customer’s data or security systems have been compromised.
Security Officer Comments:
ADT says that its containment measures have resulted in some disruptions to the company’s information systems, likely due to these systems being taken offline to reduce the impact of the attack. At the moment, the breach has yet to be attributed to a known threat group.
The development comes after the company disclosed another breach in early August, stating that an actor leaked 30,800 customer records, including customer emails, complete addresses, user IDs, and the products purchased, on a hacking forum. While the security giant does not have evidence to suggest that customer data was stolen in the latest breach, ADT customers should still be on the lookout for targeted phishing emails, notably those impersonating ADT, as a means to gain more data of interest.
Link(s):
https://www.bleepingcomputer.com/ne...ch-in-2-months-hacked-via-stolen-credentials/
https://www.sec.gov/Archives/edgar/data/1703056/000119312524233900/d876174d8k.htm
Security giant ADT disclosed it suffered a breach after actors gained access to its systems using stolen credentials and exfiltrated employee account data. On Monday, ADT filed a 8-K filing with the SEC, noting that the credentials were stolen from a third-party business partner, thus enabling the actors to breach ADT systems. ADT has since then terminated the unauthorized access and initiated an investigation with the help of third-party cyber security experts. According to ADT, encrypted account data for employees was stolen in the attack. As of writing, the company does not have evidence to suggest that customer’s data or security systems have been compromised.
Security Officer Comments:
ADT says that its containment measures have resulted in some disruptions to the company’s information systems, likely due to these systems being taken offline to reduce the impact of the attack. At the moment, the breach has yet to be attributed to a known threat group.
The development comes after the company disclosed another breach in early August, stating that an actor leaked 30,800 customer records, including customer emails, complete addresses, user IDs, and the products purchased, on a hacking forum. While the security giant does not have evidence to suggest that customer data was stolen in the latest breach, ADT customers should still be on the lookout for targeted phishing emails, notably those impersonating ADT, as a means to gain more data of interest.
Link(s):
https://www.bleepingcomputer.com/ne...ch-in-2-months-hacked-via-stolen-credentials/
https://www.sec.gov/Archives/edgar/data/1703056/000119312524233900/d876174d8k.htm