Breach taxonomy
Summary
ADT became aware of unauthorized activity on its network and discovered an unauthorized actor had accessed ADT's network using compromised credentials obtained through a third-party business partner. The company shut down the access, notified the third party its systems were compromised, engaged cybersecurity experts, and notified law enforcement. The unauthorized actor exfiltrated certain encrypted internal ADT data associated with employee user accounts. No customer personal information was exfiltrated and no customer security systems were compromised. Containment measures caused some disruption to ADT's information systems. Filed under Item 8.01; company did not assert materiality determination.
Tagging rationale
ThreatUnknown
Filing does not attribute the incident to a specific actor category → UNKNOWN.
MethodsData ExfilSupply Chain
Unauthorized actor exfiltrated employee account data (DATA-EXFIL); initial access was via compromised credentials obtained through a third-party business partner whose systems were also compromised → SUPPLY-CHAIN.
AssetsConfidential Biz
Encrypted internal ADT data associated with employee user accounts was exfiltrated; no customer data obtained → CONFIDENTIAL-BIZ.
EffectsInfo Privacy LossBiz Interruption
Employee account data was exfiltrated (INFO-PRIVACY-LOSS); containment measures caused disruptions to ADT's information systems (BIZ-INTERRUPTION).
Business continuityPartial
Filing states containment measures resulted in some disruptions to information systems; investigation ongoing at time of filing, indicating partial containment and recovery → Partial.
Impact
Employee credential data exfiltrated via a third-party business partner compromise; limited to internal data, no customer impact, non-material per company → score 2.
InsuranceNot disclosed
Filing makes no mention of insurance → null.
Read the original SEC filing excerpt
Item 8.01 Other Information. ADT Inc. (ADT or the Company) recently became aware of unauthorized activity on the Company's network, and discovered an unauthorized actor had illegally accessed ADT's network using compromised credentials obtained through a third-party business partner. The Company promptly took steps to shut down the unauthorized access, notified the third party its systems had been compromised, launched an investigation, and implemented counter measures intended to safeguard the Company's information technology assets and operations. ADT has hired leading third-party cybersecurity experts to assist with the Company's response to the incident, and is working closely with federal law enforcement. The Company is also cooperating closely with its third-party business partner to address the incident. The Company believes the unauthorized actor exfiltrated certain encrypted internal ADT data associated with employee user accounts during the intrusion. Based on its investigation to date, the Company does not believe customers' personal information has been exfiltrated, or that customers' security systems have been compromised. ADT's containment measures have resulted in some disruptions to the Company's information systems, and the Company's investigation is at an early stage and ongoing.