ADT – 5,488,888 Accounts Breached
- Apr 27
- 2 min read
Key Findings
ShinyHunters conducted two major "pay or leak" extortion campaigns in April 2026 targeting ADT and Udemy
ADT breach exposed 5.5 million unique email addresses plus names, phone numbers, and physical addresses
Small percentage of ADT records also contained dates of birth and last four digits of Social Security numbers or Tax IDs
Udemy breach exposed 1.4 million unique email addresses belonging to customers and instructors
Udemy data included names, addresses, phone numbers, employer information, and instructor payout methods
Both companies had their data leaked publicly after refusing extortion demands
Background
ShinyHunters, a known extortion group, targeted two major companies in April 2026 with coordinated data theft and extortion campaigns. The group obtained sensitive customer and employee information from both organizations and threatened to release the data publicly unless payment was made. When both companies declined to pay, ShinyHunters followed through on their threats by publishing the stolen data on their website and making it publicly available.
ADT Data Breach
The home security firm ADT confirmed it was compromised by ShinyHunters in April 2026. The breach affected 5.5 million unique email addresses along with associated names, phone numbers, and physical addresses. In a smaller subset of the compromised records, additional sensitive information was exposed including dates of birth and the last four digits of Social Security numbers or Tax IDs. ADT notified all affected individuals about the breach as required.
Udemy Data Breach
Online learning platform Udemy fell victim to the same extortion group during the same April 2026 campaign. The breach exposed 1.4 million unique email addresses belonging to both customers and instructors. Beyond email addresses, the leaked data included names, physical addresses, phone numbers, and employer information. For instructors, the breach also compromised payout method details including PayPal accounts, cheque information, and bank transfer details.
Sources
https://haveibeenpwned.com/Breach/ADT
https://haveibeenpwned.com/Breach/Udemy

Comments