BleepingComputer reports that leading U.S. residential and small business building security provider ADT has confirmed having its employee account data exfiltrated in a cyberattack involving credentials stolen from a third-party partner just two months after it disclosed being breached following the leak of records from 30,800 customers.
Despite immediate action to thwart unauthorized access and enforce security measures, ADT had some encrypted employee data stolen as a result of the incident, said the firm in a filing with the Securities and Exchange Commission.
The filing also noted information system disruptions as ADT contained the attack, which has not yet been claimed by any threat operation.
"ADT has hired leading third-party cybersecurity experts to assist with the Company's response to the incident, and is working closely with federal law enforcement. The Company is also cooperating closely with its third-party business partner to address the incident," the filing read.