ADT Data Breach Exposes Names, Addresses and Social Security Numbers

Other Commercial data breach illustration
Breach Discovery: 20th April 2026Breach Notification: Not Publicly Disclosed

What Happened in the ADT Data Breach?

ADT, the well-known home security company, confirmed a data breach in April 2026 after a hacking group known as ShinyHunters listed the company on an extortion website. The ADT data breach became public when the attackers posted ADT’s name as part of a “pay or leak” scheme. This means the hackers threatened to release stolen data unless ADT paid a ransom.

According to available information, ShinyHunters gained access to ADT systems and extracted customer records before making its extortion demand. As a result, ADT was forced to confirm that a breach had occurred. The exact method the attackers used to break into ADT’s systems has not been publicly disclosed.

Once ADT learned of the incident, the company began investigating the scope of the intrusion. Because ShinyHunters listed ADT publicly, the breach came to light through the extortion attempt itself rather than through routine internal detection. ADT has stated that it contacted everyone affected, which indicates the investigation reached a point where the company could identify the impacted population.

At this time, the source material does not specify the exact date unauthorized access to ADT’s network began. However, the breach was confirmed and disclosed in April 2026, following the group’s public listing of the company.

Who was affected?

The ADT data breach affected a large number of people connected to the company’s home security services. Specifically, ADT reported that 5.5 million unique email addresses were involved in the incident. Because ADT serves both residential and business customers, this population likely spans homeowners across the United States who use ADT’s monitoring and alarm services.

In addition to email addresses, the breach touched other personal details tied to those accounts. For example, names, phone numbers, and physical addresses were part of the exposed data. Since ADT customers provide home addresses for service purposes, this raises unique physical security concerns beyond typical identity theft risks.

ADT also noted that a smaller subset of affected individuals had more sensitive information exposed. This smaller group faces a higher risk because their data included partial Social Security numbers or Tax ID numbers along with dates of birth. Although this is described as a small percentage of the total group, it still represents a meaningful number of people given the overall scale of the breach.

What Information Was Potentially Exposed?

The ADT data breach involved several categories of personal information. While not every affected person had the same data exposed, ADT has confirmed the following types of information were compromised:

  • Full names
  • Email addresses
  • Phone numbers
  • Physical home addresses
  • Dates of birth (in a small percentage of cases)
  • Last four digits of Social Security numbers or Tax IDs (in a small percentage of cases)

For most affected individuals, the exposed data centers on contact information rather than financial account numbers. However, even contact information can be misused. For instance, criminals often combine names, addresses, and phone numbers to craft convincing phishing or scam messages targeting ADT customers specifically.

For the smaller group whose partial Social Security numbers and dates of birth were exposed, the risk is more serious. This combination of data can help fraudsters attempt identity theft, open fraudulent accounts, or pass identity verification checks at financial institutions. Because ADT customers are homeowners with security systems, attackers could also use exposed physical addresses to target specific properties, which adds a layer of concern beyond standard financial fraud.

What is the company doing?

After confirming the breach, ADT stated that it contacted all individuals affected by the incident. This notification effort suggests ADT completed an internal review to determine who was impacted and to what extent. In response to the extortion attempt, ADT also likely worked with cybersecurity professionals to assess the intrusion and secure its systems, though specific technical remediation steps have not been publicly detailed.

Going forward, ADT will likely continue monitoring its systems for further suspicious activity. Because ShinyHunters used a


Related Data Breaches