Tech Made Simple

Hot Topics: All Roku Players Compared | Best iPad Keyboard Cases | How to Get Emergency Satellite Service for Your Phone

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

ADT refused to pay hackers – now 5.5 million customers' data is public

by Suzanne Kantra on April 27, 2026

ADT's Live Light yard sign turns on and glows when your alarm is tripped.

ADT detected unauthorized access to its systems on April 20, 2026. Four days later, it went public – not entirely by choice. The hacking group ShinyHunters had already posted a countdown on its dark web leak site: pay up by April 27 or the stolen data goes public. ADT didn't pay, and today, ShinyHunters dumped an 11GB archive of customer records.

ADT told BleepingComputer the stolen information includes names, phone numbers, and addresses. In a smaller number of cases, dates of birth and the last four digits of Social Security numbers or Tax IDs were also taken. The company says no payment information – bank accounts, credit cards – was accessed, and that home security systems were not compromised.

ShinyHunters claimed to have stolen over 10 million records. Have I Been Pwned, a breach notification service, analyzed the leaked data and put the confirmed victim count at 5.5 million people, including unique email addresses and partial government IDs.

According to ShinyHunters, they got in through a voice phishing attack – a phone call that tricked an ADT employee into handing over their login credentials for Okta, the company's single sign-on system. That gave them access to ADT's Salesforce database, where customer records were stored.

This is the third time ADT has disclosed a data breach since August 2024. The company also suffered breaches in August and October of that year.

Even if ADT had chosen to pay the ransom, it's possible the data still would have been released. According to security consultancy Unit 221B, which has analyzed ShinyHunters' activities, evidence strongly suggests this group has no intention of deleting the data. Payment only indicates the value of the breached data to the company, encouraging future hacks.

What you should do now

Check the free site Have I Been Pwned to see if your email address appears in the breach. Monitor your credit and consider placing a fraud alert with the three major credit bureaus – Equifax, Experian, and TransUnion – especially if you're an ADT customer exposed in the breach. In our article The best way to prevent identity theft, we take you through how to place a fraud alert or a freeze on your credit.

[Image credit: ADT]

Topics

News, Health and Home, Home Safety & Security, Blog, Privacy


Discussion loading

Techlicious Guides & Reviews

New Articles on Techlicious

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.