Mariner Wealth Advisors Reports Data Breach Affecting Nearly 9,000 Individuals
Mariner Wealth Advisors, a major registered investment advisor (RIA), disclosed a November 2024 cybersecurity breach involving cloud applications used by three employees. The incident, detected on November 4, 2024, resulted in unauthorized access and download of files containing sensitive personal data, including names, Social Security numbers, dates of birth, and government identification numbers. A total of 8,995 individuals were affected, with 17 residing in Maine.
The firm isolated the compromised accounts upon discovery and launched an investigation with third-party experts and federal law enforcement. While the breach exposed personally identifiable information (PII), Mariner confirmed that financial and investment accounts held on separate systems remained unaffected. No evidence of data misuse has been found to date, though the company continues to monitor online sources for potential exploitation.
This breach follows a separate December 2024 incident involving Newport Advisory, a Mariner-affiliated entity, where unauthorized actors accessed files affecting 9,323 individuals. Both incidents were reported to Maine’s Attorney General, complying with the SEC’s amended Regulation S-P, which mandates breach notifications within 30 days of detection for RIAs managing over $1.5 billion in assets.
Mariner has emphasized its commitment to cybersecurity, citing investments in zero-trust email security and employee training. A case study highlighted the firm’s efforts to mitigate phishing risks amid frequent spear-phishing attempts, noting its expanded digital environment due to mergers and acquisitions. Despite these measures, the breach underscores persistent vulnerabilities in cloud-based applications.
Mariner Wealth Advisors TPRM report: https://www.rankiteo.com/company/mariner-financial-wellness
Newport Advisory TPRM report: https://www.rankiteo.com/company/newport-wealth-advisors
"id": "newmar1780453675",
"linkid": "newport-wealth-advisors, mariner-financial-wellness",
"type": "Breach",
"date": "6/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '8,995',
'industry': 'Financial Services',
'name': 'Mariner Wealth Advisors',
'size': 'Manages over $1.5 billion in assets',
'type': 'Registered Investment Advisor (RIA)'}],
'attack_vector': 'Unauthorized access to cloud applications',
'data_breach': {'data_exfiltration': 'Yes (files downloaded)',
'number_of_records_exposed': '8,995',
'personally_identifiable_information': 'Names, Social '
'Security numbers, '
'dates of birth, '
'government '
'identification '
'numbers',
'sensitivity_of_data': 'High (Social Security numbers, '
'government IDs)',
'type_of_data_compromised': 'Personally Identifiable '
'Information (PII)'},
'date_detected': '2024-11-04',
'date_publicly_disclosed': '2024-11',
'description': 'Mariner Wealth Advisors disclosed a November 2024 '
'cybersecurity breach involving cloud applications used by '
'three employees. The incident resulted in unauthorized access '
'and download of files containing sensitive personal data, '
'including names, Social Security numbers, dates of birth, and '
'government identification numbers. A total of 8,995 '
'individuals were affected.',
'impact': {'data_compromised': 'Names, Social Security numbers, dates of '
'birth, government identification numbers',
'identity_theft_risk': 'High',
'payment_information_risk': 'None (financial and investment '
'accounts unaffected)',
'systems_affected': 'Cloud applications used by three employees'},
'investigation_status': 'Ongoing',
'lessons_learned': 'Persistent vulnerabilities in cloud-based applications '
'despite cybersecurity investments (e.g., zero-trust email '
'security, employee training).',
'post_incident_analysis': {'corrective_actions': 'Isolated compromised '
'accounts, launched '
'investigation with '
'third-party experts and law '
'enforcement',
'root_causes': 'Unauthorized access to cloud '
'applications used by employees'},
'references': [{'source': 'Maine Attorney General'}],
'regulatory_compliance': {'regulations_violated': 'SEC’s amended Regulation '
'S-P (potential '
'non-compliance with 30-day '
'notification rule)',
'regulatory_notifications': 'Reported to Maine’s '
'Attorney General'},
'response': {'communication_strategy': 'Reported to Maine’s Attorney General, '
'disclosed publicly',
'containment_measures': 'Isolated compromised accounts',
'enhanced_monitoring': 'Yes (monitoring online sources for '
'potential exploitation)',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes (federal law enforcement)',
'third_party_assistance': 'Yes (third-party experts)'},
'title': 'Mariner Wealth Advisors Data Breach Affecting Nearly 9,000 '
'Individuals',
'type': 'Data Breach'}