Mariner Wealth Advisors Reports Data Breach Affecting Nearly 9,000 Individuals
Mariner Wealth Advisors, a major registered investment advisor (RIA), disclosed a November 2024 breach involving cloud applications used by three employees, exposing sensitive personal data of nearly 9,000 individuals. The incident, detected on November 4, 2024, involved a criminal third party accessing and downloading files containing names, Social Security numbers, dates of birth, account numbers, and government identification numbers. Of the 8,995 affected individuals, 17 were Maine residents.
The firm isolated the compromised accounts upon discovery and launched an investigation with third-party experts and federal law enforcement. While no evidence of data misuse has been found, Mariner has engaged external researchers to monitor for potential exploitation. The breach did not impact financial or investment accounts, which reside on separate systems.
This incident follows a December 2024 breach at Newport Advisory a Mariner-affiliated entity where unauthorized actors accessed files affecting 9,323 individuals. That breach was detected on January 12, 2025, shortly after Mariner’s acquisition of Newport.
Under the SEC’s amended Regulation S-P, which took effect in December 2024 for large RIAs, firms must notify affected clients within 30 days of breach detection. Smaller firms must comply starting this week.
Mariner has emphasized cybersecurity enhancements, including a zero-trust email security model, as outlined in a case study by Material Security. The firm has faced frequent spear-phishing attempts and expanded its digital environment through mergers, utilizing both Google Workspace and Microsoft 365. Despite investments in security, the breach highlights persistent risks in financial services.
Newport Wealth Advisors cybersecurity rating report: https://www.rankiteo.com/company/newport-wealth-advisors
Mariner cybersecurity rating report: https://www.rankiteo.com/company/access-mariner
"id": "NEWACC1780432754",
"linkid": "newport-wealth-advisors, access-mariner",
"type": "Breach",
"date": "11/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '8,995',
'industry': 'Financial Services',
'location': 'United States',
'name': 'Mariner Wealth Advisors',
'type': 'Registered Investment Advisor (RIA)'}],
'attack_vector': 'Unauthorized access to cloud applications',
'customer_advisories': 'Affected individuals notified',
'data_breach': {'data_exfiltration': 'Yes (files downloaded by unauthorized '
'actor)',
'number_of_records_exposed': '8,995',
'personally_identifiable_information': 'Names, Social '
'Security numbers, '
'dates of birth, '
'account numbers, '
'government '
'identification '
'numbers',
'sensitivity_of_data': 'High (SSNs, government IDs, account '
'numbers)',
'type_of_data_compromised': 'Personally Identifiable '
'Information (PII)'},
'date_detected': '2024-11-04',
'description': 'Mariner Wealth Advisors disclosed a November 2024 breach '
'involving cloud applications used by three employees, '
'exposing sensitive personal data of nearly 9,000 individuals. '
'The incident involved a criminal third party accessing and '
'downloading files containing names, Social Security numbers, '
'dates of birth, account numbers, and government '
'identification numbers.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'breach',
'data_compromised': 'Names, Social Security numbers, dates of '
'birth, account numbers, government '
'identification numbers',
'identity_theft_risk': 'High (PII exposed)',
'operational_impact': 'Isolation of compromised accounts, '
'investigation launched',
'systems_affected': 'Cloud applications (Google '
'Workspace/Microsoft 365)'},
'initial_access_broker': {'entry_point': 'Cloud applications (employee '
'accounts)'},
'investigation_status': 'Ongoing',
'lessons_learned': 'Persistent risks in financial services despite '
'cybersecurity investments; need for enhanced email '
'security and zero-trust models.',
'post_incident_analysis': {'corrective_actions': 'Zero-trust email security '
'model, enhanced monitoring, '
'third-party investigations',
'root_causes': 'Unauthorized access to cloud '
'applications, potential '
'spear-phishing vulnerabilities'},
'recommendations': 'Adopt zero-trust email security, expand monitoring for '
'data misuse, and ensure compliance with SEC breach '
'notification rules.',
'references': [{'source': 'Mariner Wealth Advisors Disclosure'}],
'regulatory_compliance': {'regulations_violated': 'SEC Regulation S-P '
'(amended)',
'regulatory_notifications': 'Yes (30-day '
'notification '
'requirement)'},
'response': {'communication_strategy': 'Public disclosure, client '
'notifications',
'containment_measures': 'Isolated compromised accounts',
'enhanced_monitoring': 'Yes (external monitoring for data '
'misuse)',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes (federal law enforcement)',
'remediation_measures': 'Engaged external researchers to monitor '
'for exploitation',
'third_party_assistance': 'Yes (external experts)'},
'threat_actor': 'Criminal third party',
'title': 'Mariner Wealth Advisors Data Breach Affecting Nearly 9,000 '
'Individuals',
'type': 'Data Breach'}