Reposted from EMR-ISAC

An unauthorized party stole encrypted internal data related to employee user accounts from home and small business security provider ADT, the company said Monday in a filing with the Securities and Exchange Commission. The company detected the unauthorized access Oct. 2, according to the filing, and said the “unauthorized actor had illegally accessed ADT’s network using compromised credentials obtained through a third-party business partner.” The incident is the second cyberattack disclosed by the company in two months. In an Aug. 7 SEC filing, the company disclosed that during a “cybersecurity incident … unauthorized actors illegally accessed certain databases containing ADT customer order information” that included email addresses, phone numbers and postal addresses.

See Original Post