Breach taxonomy
Summary
ADT became aware on April 20, 2026 of unauthorized access to certain cloud-based environments. The company terminated the access, activated its incident response plan, engaged third-party cybersecurity experts, and notified law enforcement. Investigation determined that only limited customer and prospective customer data was accessed; the company stated the incident is not reasonably likely to have a material impact on financial condition, results of operations, or ongoing business operations. Filed under Item 8.01; materiality not yet determined as of filing date.
Tagging rationale
ThreatUnknown
Filing references only 'unauthorized access' with no attribution to actor type or motive → UNKNOWN.
MethodsAccount Takeover
Filing describes 'unauthorized access to certain cloud-based environments' that the company then 'terminated'; no ransomware, malware, or exfiltration explicitly named, but cloud-environment intrusion implies credential or session compromise → ACCOUNT-TAKEOVER. Initial vector not specified.