Cybersecurity Breaches Target Financial Advisors in Recent Months Financial advisory firms have faced a surge in cyberattacks, with three major incidents reported in late 2023, exposing client data and enabling fraudulent trading schemes. LPL Financial Breach (September–October 2023) LPL Financial, the largest U.S. broker-dealer with 32,000 advisors, disclosed a breach on December 26, affecting 53 individuals, including one Maine resident. The company revealed that foreign threat actors compromised advisor accounts to execute a "hack pump-and-dump" scheme, artificially inflating stock prices through unauthorized transactions. LPL contained the incident and reported no ongoing issues, though law enforcement was notified. Ameriprise Financial Phishing Attack (December 2023) Ameriprise Financial, with over 10,000 advisors, reported a breach on December 30 after a phishing email tricked an advisor into exposing client data. The fraudulent email, disguised as a legitimate client communication, may have impacted 598 individuals, including 52 in Maine. While no evidence of data misuse was found, Ameriprise offered credit monitoring and emphasized its security measures, including an online security guarantee. Ashton Thomas Private Wealth Breach (May–September 2023) Scottsdale-based Ashton Thomas Private Wealth, managing $1.7 billion in assets, notified clients of a breach affecting 1,644 individuals, including three in Maine. Unusual activity in firm email accounts exposed sensitive data, such as children’s names, addresses, birthdates, and Social Security numbers. The firm hired forensic experts and offered credit monitoring to affected clients. All three firms reported bolstering security measures following the incidents. The breaches highlight the growing threat of cyberattacks targeting financial advisors and their clients.

Mariner Wealth Advisors Reports Data Breach Affecting Nearly 9,000 Clients Mariner Wealth Advisors LLC, a Kansas-based wealth management and retirement plan advisory firm, disclosed a data breach that exposed the personal information of 8,995 customers. The incident, reported to the Maine Attorney General’s office on Monday, occurred on November 21, 2025, when a "criminal third party" accessed three employees’ cloud applications and downloaded sensitive files. The breach was detected three days later, on November 24. Compromised data included clients’ names, birth dates, Social Security numbers, and account numbers, affecting 17 Maine residents among those impacted. While the firm’s investigation conducted with third-party experts found no evidence of data misuse, affected clients were notified via letter and offered 12 months of credit monitoring. The breach follows a significant corporate shift: in April 2025, Mariner Advisor Network, a division of Mariner Wealth Advisors, was acquired by LPL Financial Holdings Inc. and Private Advisor Group LLC, transferring 367 advisers managing $31 billion in assets. Notably, LPL Financial itself suffered a separate breach on November 10, 2025, exposing the data of 1,581 customers after malware spread through phishing attacks on adviser devices. The company responded by implementing new security safeguards. The incidents reflect broader cybersecurity challenges, with the FBI’s 2024 Internet Crime Report recording over 1 million cybercrime incidents nationwide last year. Mariner Wealth Advisors has not yet publicly commented on the breach.

LPL Financial Reports Cybersecurity Breach Affecting 1,581 Clients LPL Financial disclosed a cybersecurity incident that led to unauthorized securities transactions and financial transfers in some client accounts. The breach, which occurred on November 10, 2025, was discovered 10 days later and reported to Maine’s Attorney General. The attack stemmed from malware distributed via phishing messages, compromising a limited number of financial advisors’ devices and granting unauthorized access to LPL’s web-based advisor portal. While the firm found no direct evidence that sensitive client data was accessed, it could not rule out the possibility. A total of 1,581 clients were affected, including two in Maine. Upon discovery, LPL halted the unauthorized activity, secured affected accounts, and restored impacted accounts to their original financial positions. The firm also contacted law enforcement, conducted an internal investigation, and implemented new technical safeguards to strengthen security. No ongoing compromise was detected. Affected clients were offered two years of complimentary Experian credit monitoring. This incident follows a separate October 2025 breach at LPL, where foreign threat actors exploited advisor accounts in a "hack pump-and-dump" scheme to manipulate stock prices. LPL is among several financial firms including Cetera Financial, Ameriprise, Hightower Advisors, and Edelman Financial Engines targeted by cybercriminals in recent months. The ShinyHunters extortion group, linked to breaches at Ameriprise and Mercer Advisors, has been a recurring threat in these attacks. Many of these incidents have been exposed through class action lawsuits alleging inadequate data protection.

The Washington State Office of the Attorney General disclosed a data breach involving LPL Financial LLC, where an unauthorized party gained access to an advisor's email account between July 26 and July 28, 2021. The incident, reported on September 30, 2021, impacted 992 Washington residents, exposing highly sensitive personal information. Compromised data included names, Social Security Numbers (SSNs), financial and banking details, health insurance information, and medical records. The breach stemmed from a targeted compromise of an employee’s email account, likely through phishing or credential theft, enabling attackers to exfiltrate confidential client data. Given the nature of the exposed information—particularly SSNs and financial records—the incident poses severe risks of identity theft, financial fraud, and long-term reputational harm to both the affected individuals and LPL Financial. The breach underscores vulnerabilities in email security protocols and the critical need for robust access controls, especially in sectors handling sensitive client data. While the exact motive (e.g., financial gain, espionage) remains undisclosed, the scale and sensitivity of the leaked data classify this as a high-severity incident with potential regulatory and legal repercussions under data protection laws like HIPAA (for medical data) and state breach notification statutes.

Fidelity Fined $1.25M Over Data Breach as Financial Sector Faces Rising Cybersecurity Risks A recent data breach at Fidelity Investments has resulted in a $1.25 million fine, highlighting growing cybersecurity vulnerabilities in the financial services sector. The breach, which exposed sensitive client information, was part of a broader pattern of cyber incidents affecting major firms, including Ameriprise Financial and Mercer, both of which have faced legal and regulatory repercussions. Key Details: - Fidelity’s Breach & Fine: The company was penalized for failing to adequately protect customer data, though specifics of the breach such as the number of affected individuals remain undisclosed. The fine follows a separate $2.5 million settlement related to an earlier incident. - Ameriprise Breach: Nearly 48,000 clients were impacted by a data exposure, though the company has not released full details on the cause or scope. - Mercer’s Legal Challenges: The consulting firm is facing lawsuits over a data breach, underscoring the legal and financial risks of cybersecurity failures. - LPL Financial Incident: A phishing attack led to unauthorized transactions, demonstrating how social engineering remains a persistent threat to financial institutions. Broader Impact: These incidents reflect escalating cyber threats targeting wealth management, investment advisory, and insurance firms. Regulatory scrutiny is intensifying, with fines and legal actions serving as a warning to the industry. The breaches also raise concerns about the exposure of Social Security numbers, client financial records, and other sensitive data, which could lead to identity theft or fraud. As financial firms grapple with evolving cyber risks, the fallout from these breaches underscores the need for stronger security measures and compliance protocols.

The California Office of the Attorney General reported a data breach involving LPL Financial LLC on November 17, 2018. The breach occurred on November 1, 2018, and was caused by unauthorized access to a user's account of their service provider, Capital Forensics, potentially exposing personal information including names, account numbers, and Social Security Numbers.

The California Office of the Attorney General reported a data breach involving LPL Financial on February 29, 2012. The breach occurred on February 6, 2012, due to the theft of an employee's desktop computer, potentially exposing personal information including names, Social Security numbers, and financial information of affected individuals; the number of affected individuals is unknown.

The Massachusetts Office of Consumer Affairs and Business Regulation reported a data breach involving LPL Financial on September 23, 2011. The breach affected 1 resident and involved paper records, specifically compromising account numbers.