On April 20, 2026, ADT Inc. ("ADT" or the "Company") became aware of unauthorized access to certain cloud-based environments. The Company promptly took steps to terminate the unauthorized access, activated its incident response plan (the "IRP") as described in Item 1C of its Annual Report on Form 10-K for the year ended December 31, 2025, launched an investigation and engaged third-party cybersecurity experts, and notified law enforcement.


 

Following the investigation conducted in accordance with its IRP, the Company determined that only limited customer and prospective customer data was accessed. Based on information currently available and following the processes laid out in its IRP, the Company does not believe that this incident is reasonably likely to have a material impact on the Company's financial condition, results of operations, or ongoing business operations. The Company continues to assess the scope and impact of the incident.