Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Ameriprise Financial Services, LLC

Ameriprise Financial Services, LLC Vendor Cyber Rating & Cyber Score

ameriprise.com

At Ameriprise Financial, we have been helping people feel more confident about their financial future for over 130 years. With extensive investment advice, asset management and insurance capabilities and a nationwide network of approximately 10,000 financial advisors*, we have the expertise to serve the full range of individual and institutional investors' financial needs.  Ameriprise has corporate locations throughout the U.S. and across the globe, and advisor offices in all 50 states.  Certain hyperlinks within Ameriprise Financial web sites or social media content may hyperlink to third-party content which we believe to be reliable however, we cannot guarantee its accuracy or completeness. For this reason, we do not endorse any linked


AFSL A.I CyberSecurity Scoring

AFSL
Company Information
Website:http://www.ameriprise.com/?cid=LinkedInHome
Employees number:17,552
Number of followers:218,937
NAICS:52
Industry Type:Financial Services
Homepage:ameriprise.com
AFSL Risk Score (AI oriented)
Between 0 and 549
logo
AFSLFinancial Services
Updated:
19/05/2026
531/1000
Critical
C
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
AFSL Global Score (TPRM)
xxxx
logo
AFSLFinancial Services
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

AFSL
AFSLCritical
Current Score
531C (CRITICAL)
01000
10 incidents
-58 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
537Before Incident
JUNE 2026
536Before Incident
MAY 2026
545Before Incident
APRIL 2026
540Before Incident
MARCH 2026
589Before Incident
Breach
02 Mar 2026AFSL
Ameriprise Financial: Ameriprise Discloses Second Data Breach in Less Than Six Months

Ameriprise Financial Second Data Breach in Six Months

532After Incident
CRITICAL-57
AME1776789651
Ameriprise Financial Hit by Second Data Breach in Six Months, Impacting Nearly 50,000 Clients Ameriprise Financial has disclosed a second data breach in less than six months, exposing the personal information of nearly 50,000 individuals. According to a filing with Maine state regulators on April 17, the breach occurred between March 2 and 18, compromising names and other "personal identifiers" of 47,876 people, including 335 Maine residents. In a letter to affected clients, Ameriprise’s Director of Compliance, Jennifer Swihart, confirmed that an unauthorized individual accessed stored data and files. The company responded by blocking the intruder, launching an investigation with external cybersecurity experts, and offering free identity protection services to impacted customers. Ameriprise emphasized that no unauthorized transactions or fund movements occurred, and business operations remained unaffected. The breach follows a December 2023 incident in which a phishing attack targeted one of the firm’s advisors, potentially exposing 598 individuals. That attack involved a fraudulent email disguised as a legitimate client communication. While Ameriprise found no evidence of data misuse in that case, it issued precautionary notifications to affected clients. Ameriprise, a Minneapolis-based broker-dealer with approximately 10,000 advisors, has not disclosed how the latest breach occurred. The company previously highlighted its multi-layered security measures and an "online security guarantee" protecting against unauthorized fund transfers. Both incidents underscore ongoing cybersecurity challenges for financial services firms.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Names and other personal identifiersOperational Impact: No unauthorized transactions or fund movements; business operations remained unaffectedIdentity Theft Risk: High (free identity protection services offered)
DATA BREACH
Type Of Data Compromised: Personal identifiers (names, etc.)Number Of Records Exposed: 47,876Sensitivity Of Data: High (personal identifiers)
FEBRUARY 2026
589Before Incident
JANUARY 2026
581Before Incident
DECEMBER 2025
577Before Incident
NOVEMBER 2025
623Before Incident
Breach
11 Nov 2025AFSL
Ameriprise Financial Services and LLC: Ameriprise Data Breach Exposes SSNs & Financial Details

Ameriprise Financial Services Data Breach

573After Incident
CRITICAL-50
AME1767368489
Ameriprise Financial Data Breach Exposes Sensitive Client Information On August 26, 2025, Ameriprise Financial Services, LLC, a major U.S. financial services provider, detected a data breach stemming from a phishing attack on November 11, 2024. The incident compromised personally identifiable information (PII) and protected health information (PHI) of hundreds of current and former clients, including at least 411 Texas residents and individuals in Maine and Massachusetts. The breach occurred when an unauthorized actor gained temporary access to client data through a phishing attack targeting an advisor’s office staff member. Exposed information included names, addresses, Social Security numbers, dates of birth, driver’s license numbers, financial account details, and in some cases, medical records and dependent information. Ameriprise reported the breach to the Maine Attorney General’s office on September 11, 2025, followed by notifications to New Hampshire and Massachusetts on December 22, 2025, and Texas on December 29, 2025. Affected clients were notified via U.S. Mail on September 8, 2025. In response, Ameriprise confirmed the deletion of exposed data by unintended recipients and implemented enhanced security measures, including stricter verification procedures for account requests. The company is offering one year of complimentary credit monitoring and identity restoration services through Equifax Complete Premier to impacted individuals.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personally identifiable information (PII) and protected health information (PHI)Brand Reputation Impact: Likely negative impact due to exposure of sensitive client dataLegal Liabilities: Potential regulatory fines and legal actionsIdentity Theft Risk: High (exposure of SSNs, driver’s license numbers, financial account details)Payment Information Risk: High (exposure of credit/debit card numbers)
DATA BREACH
Personally Identifiable Information (PII)Protected Health Information (PHI)Number Of Records Exposed: Hundreds (exact number not specified)Sensitivity Of Data: HighNameAddressSocial Security numberDate of birthDriver’s license numberPhone numbersEmail addressGenderMarital statusCitizenshipClient IDGroup IDAccount and policy numbersAccount valuesNet worthFinancial account numbersCredit or debit card numbersPolicy numbers
NOVEMBER 2025
640Before Incident
Cyber Attack
10 Nov 2025AFSL
Cetera Financial, Ameriprise, Hightower Advisors, LPL Financial and Edelman Financial Engines: LPL Financial Reports Cybersecurity Breach

LPL Financial Cybersecurity Breach Affecting 1,581 Clients

573After Incident
CRITICAL-67
AMEHIGLPLEDE1777062318
LPL Financial Reports Cybersecurity Breach Affecting 1,581 Clients LPL Financial disclosed a cybersecurity incident that led to unauthorized securities transactions and financial transfers in some client accounts. The breach, which occurred on November 10, 2025, was discovered 10 days later and reported to Maine’s Attorney General. The attack stemmed from malware distributed via phishing messages, compromising a limited number of financial advisors’ devices and granting unauthorized access to LPL’s web-based advisor portal. While the firm found no direct evidence that sensitive client data was accessed, it could not rule out the possibility. A total of 1,581 clients were affected, including two in Maine. Upon discovery, LPL halted the unauthorized activity, secured affected accounts, and restored impacted accounts to their original financial positions. The firm also contacted law enforcement, conducted an internal investigation, and implemented new technical safeguards to strengthen security. No ongoing compromise was detected. Affected clients were offered two years of complimentary Experian credit monitoring. This incident follows a separate October 2025 breach at LPL, where foreign threat actors exploited advisor accounts in a "hack pump-and-dump" scheme to manipulate stock prices. LPL is among several financial firms including Cetera Financial, Ameriprise, Hightower Advisors, and Edelman Financial Engines targeted by cybercriminals in recent months. The ShinyHunters extortion group, linked to breaches at Ameriprise and Mercer Advisors, has been a recurring threat in these attacks. Many of these incidents have been exposed through class action lawsuits alleging inadequate data protection.
INCIDENT DETAILS -
TYPE
Cybersecurity Breach
MOTIVATION
Unauthorized financial transactions
IMPACT
Financial Loss: Unauthorized securities transactions and financial transfersData Compromised: Possibility of sensitive client data access (not confirmed)Systems Affected: Web-based advisor portalOperational Impact: Halted unauthorized activity, secured affected accounts, and restored impacted accountsLegal Liabilities: Class action lawsuits alleging inadequate data protectionIdentity Theft Risk: High (credit monitoring offered)
DATA BREACH
Type Of Data Compromised: Client account information (possibility of sensitive data)Number Of Records Exposed: 1581Sensitivity Of Data: High (financial and personal data)
OCTOBER 2025
638Before Incident
SEPTEMBER 2025
634Before Incident
AUGUST 2025
631Before Incident
APRIL 2025
665Before Incident
Breach
29 Apr 2025AFSL
Ameriprise Financial Services, LLC

Data Breach at Ameriprise Financial Services, LLC

616After Incident
HIGH-49
AME449072625
The Minnesota Office of the Attorney General reported a data breach involving Ameriprise Financial Services, LLC on May 5, 2025. The breach occurred on April 29, 2025, when an advisor mistakenly sent a document containing personal information, including names, addresses, and Social Security numbers, to their personal email account. The number of affected individuals is currently unknown.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Accidental
IMPACT
NamesAddressesSocial Security numbers
DATA BREACH
NamesAddressesSocial Security numbersSensitivity Of Data: High
AUGUST 2024
721Before Incident
Breach
17 Aug 2024AFSL
Ameriprise Financial: Client information data breach costs Fidelity $1.25 million in Massachusetts fine

Fidelity Brokerage Services Cyberattack

641After Incident
CRITICAL-80
AME1777303499
Fidelity Brokerage Services Hit by Three-Day Cyberattack in August 2024, Exposing Sensitive Customer Data In August 2024, Fidelity Brokerage Services suffered a three-day cyberattack that exposed the personal and financial data of approximately 77,000 customers, including passport details, driver’s license numbers, Social Security numbers, credit card information, and medical records. The breach, which occurred between August 17 and 19, was the result of a vulnerability in Fidelity’s online access controls, allowing unauthorized access to a document repository. A bad actor exploited a flaw in the system’s "Image ID" parameter, enabling them to manipulate browser URLs to view other customers’ documents. While Fidelity detected and halted the breach within days, the Massachusetts Secretary of the Commonwealth, William Galvin, issued a $1.25 million fine against the firm for failing to enforce adequate cybersecurity measures. The consent order revealed that Fidelity’s security policies were not properly enforced, allowing users to access documents beyond their own accounts. The breach affected not only Fidelity customers but also beneficiaries and relatives, including minors, whose data was compromised. While Fidelity notified impacted customers, it failed to alert all affected individuals, including non-customers whose information was exposed. Fidelity stated that no customer accounts or funds were accessed during the incident and that there has been no evidence of identity theft or fraud resulting from the breach in the nearly two years since. The company has since taken steps to remediate the issue and strengthen its security protocols. The incident adds to a growing list of financial firms targeted by cyberattacks in recent years, including LPL Financial and Ameriprise Financial, which have also reported data breaches.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Financial Loss: 1250000Data Compromised: Personal and financial data (passport details, driver’s license numbers, Social Security numbers, credit card information, medical records)Systems Affected: Document repository, online access controlsDowntime: 3 daysOperational Impact: Unauthorized access to customer documentsBrand Reputation Impact: YesLegal Liabilities: Fines imposedIdentity Theft Risk: YesPayment Information Risk: Yes
DATA BREACH
Passport detailsDriver’s license numbersSocial Security numbersCredit card informationMedical recordsNumber Of Records Exposed: 77000Sensitivity Of Data: HighPersonally Identifiable Information: Yes
JANUARY 2023
729Before Incident
Breach
19 Jan 2023AFSL
Ameriprise Financial Services, LLC

Data Breach at Ameriprise Financial, Inc.

681After Incident
MEDIUM-48
AME300072525
The Maine Office of the Attorney General reported a data breach involving Ameriprise Financial, Inc. on January 23, 2023. The breach occurred on January 19, 2023, due to inadvertent disclosure of a personal email containing sensitive information, affecting 2 individuals, specifically involving Social Security Numbers. Identity theft protection services were offered for one year at no charge, administered by EZ Shield, Inc.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Social Security NumbersIdentity Theft Risk: High
DATA BREACH
Social Security NumbersSensitivity Of Data: HighSocial Security Numbers
JUNE 2022
765Before Incident
Breach
01 Jun 2022AFSL
Ameriprise Financial Services, LLC

Ameriprise Financial Data Breach

716After Incident
CRITICAL-49
AME223321022
Ameriprise Financial, Inc. suffered a data breach after an unauthorized party gained access to its computer network. The breach compromised sensitive consumer data including the names, Social Security numbers and account numbers of certain clients. Ameriprise reported the breach to the authorities and also informed the affected parties.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
NamesSocial Security NumbersAccount Numbers
DATA BREACH
NamesSocial Security NumbersAccount NumbersSensitivity Of Data: High
JANUARY 2020
730Before Incident
Breach
01 Jan 2020AFSL
Fidelity Investments, LPL Financial, Mercer and Ameriprise Financial: Fidelity's $2.5M Data Breach Settlement: What Clients Should Know

Fidelity Investments Data Breach and Fine

663After Incident
CRITICAL-67
FIDLPLAMEMER1779194480
Fidelity Fined $1.25M Over Data Breach as Financial Sector Faces Rising Cybersecurity Risks A recent data breach at Fidelity Investments has resulted in a $1.25 million fine, highlighting growing cybersecurity vulnerabilities in the financial services sector. The breach, which exposed sensitive client information, was part of a broader pattern of cyber incidents affecting major firms, including Ameriprise Financial and Mercer, both of which have faced legal and regulatory repercussions. Key Details: - Fidelity’s Breach & Fine: The company was penalized for failing to adequately protect customer data, though specifics of the breach such as the number of affected individuals remain undisclosed. The fine follows a separate $2.5 million settlement related to an earlier incident. - Ameriprise Breach: Nearly 48,000 clients were impacted by a data exposure, though the company has not released full details on the cause or scope. - Mercer’s Legal Challenges: The consulting firm is facing lawsuits over a data breach, underscoring the legal and financial risks of cybersecurity failures. - LPL Financial Incident: A phishing attack led to unauthorized transactions, demonstrating how social engineering remains a persistent threat to financial institutions. Broader Impact: These incidents reflect escalating cyber threats targeting wealth management, investment advisory, and insurance firms. Regulatory scrutiny is intensifying, with fines and legal actions serving as a warning to the industry. The breaches also raise concerns about the exposure of Social Security numbers, client financial records, and other sensitive data, which could lead to identity theft or fraud. As financial firms grapple with evolving cyber risks, the fallout from these breaches underscores the need for stronger security measures and compliance protocols.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Financial Loss: $1.25 million (fine)Data Compromised: Sensitive client information, Social Security numbers, client financial recordsBrand Reputation Impact: YesLegal Liabilities: Yes (lawsuits for Mercer, fines for Fidelity)Identity Theft Risk: Yes
DATA BREACH
Type Of Data Compromised: Sensitive client information, Social Security numbers, client financial recordsSensitivity Of Data: HighPersonally Identifiable Information: Yes
NOVEMBER 2019
776Before Incident
Breach
18 Nov 2019AFSL
Ameriprise Financial Inc.

Data Breach at Ameriprise Financial Inc.

728After Incident
MEDIUM-48
AME433071725
The Indiana Office of the Attorney General reported a data breach involving Ameriprise Financial Inc. on November 20, 2019. The breach occurred on November 18, 2019, affecting a total of 1 individual. The breach involved the unauthorized access to personal information, which could potentially lead to financial or reputational damage.
INCIDENT DETAILS -
TYPE
Data Breach
JANUARY 2018
810Before Incident
Breach
01 Jan 2018AFSL
Ameriprise Financial, Inc.

Ameriprise Financial Data Breach

757After Incident
HIGH-53
AME929072525
The Maine Attorney General's Office reported a data breach involving Ameriprise Financial on April 16, 2025. The breach, discovered on January 27, 2025, was due to insider wrongdoing and potentially affected 4,623 individuals, including 81 residents of Maine. The compromised information included personal data shared by a former advisor during a transition to a different financial firm.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personal Data
DATA BREACH
Type Of Data Compromised: Personal Data

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for AFSL ?
?
What was AFSL's A.I Rankiteo Cyber Score in June 2026 ?
?
What was AFSL's A.I Rankiteo Cyber Score in May 2026 ?
?
What was AFSL's A.I Rankiteo Cyber Score in April 2026 ?
?
What was AFSL's A.I Rankiteo Cyber Score in March 2026 ?
?
What was AFSL's A.I Rankiteo Cyber Score in February 2026 ?
?
What was AFSL's A.I Rankiteo Cyber Score in January 2026 ?
?
What was AFSL's A.I Rankiteo Cyber Score in December 2025 ?
?
What was AFSL's A.I Rankiteo Cyber Score in November 2025 ?
?
What was AFSL's A.I Rankiteo Cyber Score in October 2025 ?
?
What was AFSL's A.I Rankiteo Cyber Score in September 2025 ?
?
What was AFSL's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on AFSL's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with AFSL ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view AFSL's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?