ADT customer breach details now public on Have I Been Pwned - 5.5 million records confirmed, more than the 10 million ShinyHunters originally claimed but with worse data

Update on the ADT breach we covered April 25: Have I Been Pwned added the leaked dataset yesterday with 5,488,888 unique email addresses confirmed - lower than ShinyHunters' original 10 million claim but still the largest US home-security customer leak on record. Beyond the email, name, phone, and address fields ADT originally disclosed, the leak includes details ADT downplayed: account creation dates, premise types, internal account flags, ADT installer IDs, and prospect/customer status. None catastrophic alone, but combined gives attackers enough context to run convincing 'security audit' phone scams against named customers with real install dates and installer names.

Check

If you're an ADT customer, treat any inbound call referencing your real install date or installer name as hostile - those details are now public.

Affected

All 5,488,888 ADT customers and prospects - now indexable on HIBP. Acute risk for customers whose installer IDs are in the leak: scammers can call referencing 'Mike from your install on March 14, 2022' and sound legitimate enough to social-engineer security code resets. Elderly customers and high-value households are the highest-risk segment for follow-on physical security scams.

Fix

ADT customers should set a verbal codeword with ADT's real customer service line and refuse to verify identity to any inbound caller without it. Treat any 'free security upgrade' as a scam unless you initiated the call. Brief elderly family members specifically - they're the prime target for follow-on scams using leaked install details. Pressure ADT for credit monitoring if the SSN/Tax ID subset includes you.