Home-security firm ADT detected unauthorized access around 20 April 2026; the breach became public when extortion group ShinyHunters listed ADT on its leak site on 24 April with a pay-or-leak deadline. The confirmed breach affected about 5.5 million people — emails, names, phone numbers and addresses, and in a small percentage of cases dates of birth and the last four digits of SSN/Tax IDs. The attack reportedly began with a vishing call impersonating IT support to capture Okta single-sign-on credentials, then reached the company's Salesforce data. We cover the human-layer vishing risk and SSO exposure.

Concerned your help desk could be social-engineered? Visit www.kinsoft.com.au to talk through your security and IT needs.

Sources: BleepingCo ...