Showing up for people isn’t just what we do. It’s who we are – for over 200 years. And while it looks different every day, we do more to innovate for our customers, our communities and our employees. Because you put your trust in us.
In 1997, four advisors sharing an office space discovered they also shared an essential belief: The financial services industry needed a new and better way to provide advice to clients—one that would help relieve stress from their clients’ financial lives. They built a firm that would deliver truly comprehensive financial guidance, all under one roof, so that clients wouldn’t have to deal with the hassle of managing multiple financial relationships, making complex decisions, or coordinating disparate accounts. That idea has evolved into what we call the Roundtable™, our team of specialists and advisors in six core areas of wealth management. We believe that this team, paired with our 3-step UniFi™ process, helps ensure your financial life is organized, comprehensive and straightforward, enabling you to make more confident decisions and be less stressed when it comes to managing your wealth. Advisory services offered through Wealth Enhancement Advisory Services, LLC, a registered investment advisor and affiliate of Wealth Enhancement Group®.
Security & Compliance Standards Overview
No incidents recorded for The Hartford in 2025.
No incidents recorded for Wealth Enhancement in 2025.
The Hartford cyber incidents detection timeline including parent company and subsidiaries
Wealth Enhancement cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
Cursor is a code editor built for programming with AI. In versions 1.7.44 and below, various NTFS path quirks allow a prompt injection attacker to circumvent sensitive file protections and overwrite files which Cursor requires human approval to overwrite. Modification of some of the protected files can lead to RCE. Must be chained with a prompt injection or malicious model attach. Only affects systems supporting NTFS. This issue is fixed in version 2.0.
Cursor is a code editor built for programming with AI. In versions 1.7.52 and below, manipulating internal settings may lead to RCE. Cursor detects path manipulation via forward slashes (./.cursor/./././././mcp.json etc.), and requires human approval to complete the operation. However, the same kind of manipulation using backslashes was not correctly detected, allowing an attacker who had already achieved prompt injection or some other level of control to overwrite sensitive editor files without approval on Windows machines. This issue is fixed in version 2.0.
Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the server. If an attacker is able to convince a victim to navigate to a malicious deeplink, the victim will not see the correct speedbump modal, and if they choose to accept, will execute commands specified by the attackers deeplink.
LinkAce is a self-hosted archive to collect website links. In versions 2.3.1 and below, the social media sharing functionality contains a Stored Cross-Site Scripting (XSS) vulnerability that allows any authenticated user to inject arbitrary JavaScript by creating a link with malicious HTML in the title field. When a user views the link details page and the shareable links are rendered, the malicious JavaScript executes in their browser. This vulnerability affects multiple sharing services and can be exploited to steal session cookies, perform actions on behalf of users, or deliver malware. This issue is fixed in version 2.4.0.
CVE-2025-59596 is a denial-of-service vulnerability in Secure Access Windows client versions 12.0 to 14.10 that is addressed in version 14.12. If a local networking policy is active, attackers on an adjacent network may be able to send a crafted packet and cause the client system to crash.
