Back

LPL Financial and Ameriprise Report Cybersecurity Breaches Affecting Client Data

Severity: Medium (Score: 51.9)

Sources: Wealthmanagement, Investmentnews, www.maine.gov

Summary

LPL Financial reported a data breach affecting 1,581 clients due to a phishing attack that occurred on November 10, 2025, and was discovered 10 days later. The breach involved malware that gained unauthorized access to accounts of a small number of affiliated financial advisors. Although LPL stated that there was no evidence of sensitive personal information being accessed, the firm has taken steps to secure affected accounts and offered credit monitoring to clients. Ameriprise Financial also reported a breach affecting 47,876 clients on March 2, 2026, which was discovered on March 18, 2026. This incident involved unauthorized access to stored data and files, though Ameriprise confirmed that no unauthorized transactions occurred. Both firms have been flagged by the Maine Attorney General for these incidents, highlighting ongoing vulnerabilities in the financial sector. Key Points: • LPL Financial's breach affected 1,581 clients due to a phishing attack involving malware. • Ameriprise Financial reported a separate breach affecting 47,876 clients with unauthorized data access. • Both firms have been reported to the Maine Attorney General for their cybersecurity incidents.

Key Entities

  • Data Breach (attack_type)
  • Malware (attack_type)
  • Phishing (attack_type)
  • Ameriprise (company)
  • Ameriprise Financial (company)
  • Beacon Pointe Advisors (company)
  • Cetera Financial (company)
  • Edelman Financial Engines (company)
  • CWE-200 - Exposure of Sensitive Information (cwe)
  • Financial (industry)
  • T1566 - Phishing (mitre_attack)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed