ADT: Staffer breached accounts
220 learn technician had access to systems, including video cams
According to a company spokesman, the Dallas-area technician added his personal email address to customers’ accounts during service visits. That gave him varying levels of access to their systems, including the video streams of security cameras.
The employee did not have access to financial information or Social Security numbers, the spokesman said. But he was able to operate within the company’s mobile app, which gave him access to the security systems.
The level of access the employee had depended on the services each customer had. If someone had in-home security cameras, for example, he had access to them.
“We deeply regret what happened,” said Jamie Haenggi, chief customer officer for ADT. “Customers trust ADT with their safety and security, and we understand that this jeopardizes that trust, and it is certainly and entirely unacceptable.”
She said the employee had intermittent access to accounts for the last seven years.
The abuse was discovered in March after a DeSoto resident reported that an unauthorized email address was associated with an account in the company’s app. ADT began an internal investigation and found the employee’s personal email address in 220 accounts.
The employee’s access was revoked immediately. ADT did not identify him but said he was fired as soon as the violations were discovered.
Dallas is one of ADT’s larger markets, according to the company, which has 6 million customers across the country.
The company contacted DeSoto police after it wrapped up its investigation, the spokesman said.
DeSoto police confirmed in a written statement that the department was investigating the employee and that he was being investigated in other cities throughout the region for similar activities.
Police did not identify the employee or say whether he had been charged with a crime. They asked any customers who think they were victims to contact ADT directly.
ADT said in a written statement that it was reviewing customer accounts to ensure more people’s privacy was not at risk.
The company said it had implemented procedures to prevent similar incidents. It has enhanced monitoring to identify unauthorized activity on accounts, Haenggi said. For example, ADT is sending notifications to customers when users are added to accounts.
Haenggi said the company isn’t sure what the employee did with his access and didn’t say whether he appeared to be targeting anyone in particular.
She acknowledged the possibility of litigation against ADT but said the company’s primary focus was regaining customers’ trust.
“The incident does not reflect the values or the ethics of our brand,” Haenggi said. “We are a company that, for 145 years, has stood for trust and security. These actions don’t reflect that brand nor the thousands of men and women who have dedicated their careers to helping protect others. We are truly just disappointed in what happened and very regretful for this experience for our customers.”