Wedbush Securities Data Breach Exposes Client PII in 2025 Incident
Wedbush Securities Inc., a Los Angeles-based financial services firm founded in 1955, is under investigation by class action law firm Shamis & Gentile P.A. following a data breach that exposed sensitive client information. The breach occurred due to a misconfigured web-facing internal application, which allowed unauthorized access between May 17 and July 11, 2025.
The company detected the issue on July 11, 2025, secured the application, and launched an investigation. While Wedbush reported no evidence of data misuse, the exposed information included names, financial institution details, account numbers, and Social Security numbers—putting affected individuals at risk of identity theft and fraud.
Affected clients were notified and offered 12 months of complimentary credit monitoring, credit reports, and credit scores through Cyberscout (a TransUnion company), with enrollment required within 90 days of notification. Wedbush also advised impacted individuals to consider placing fraud alerts or credit freezes via Equifax, Experian, or TransUnion.
Legal representatives are evaluating potential compensation claims for those whose data was compromised. The incident highlights ongoing risks in financial sector cybersecurity, particularly from misconfigured systems.
Source: https://www.claimdepot.com/investigations/wedbush-securities-data-breach-2025
Wedbush cybersecurity rating report: https://www.rankiteo.com/company/wedbush
"id": "WED1765656792",
"linkid": "wedbush",
"type": "Breach",
"date": "7/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Limited set of clients',
'industry': 'Finance',
'location': 'Pasadena, Los Angeles area, USA',
'name': 'Wedbush Securities Inc.',
'type': 'Financial Services Firm'}],
'attack_vector': 'Misconfigured web-facing application',
'customer_advisories': 'Notice sent to affected individuals with steps to '
'protect themselves',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Name',
'Financial institution name',
'Account number',
'Social Security number']},
'date_detected': '2025-07-11',
'description': 'Shamis & Gentile P.A. is investigating the Wedbush Securities '
'Inc. data breach where sensitive personally identifiable '
'information may have been exposed due to a misconfigured '
'web-facing internal application.',
'impact': {'data_compromised': 'Sensitive personally identifiable information',
'identity_theft_risk': 'High',
'systems_affected': 'Web-facing internal application'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'root_causes': 'Misconfigured web-facing internal '
'application'},
'recommendations': ['Review account statements and monitor credit reports',
'Enroll in complimentary credit monitoring services '
'within 90 days',
'Place a fraud alert or credit freeze on credit files',
'File a police report or report to the FTC if identity '
'theft is suspected'],
'references': [{'source': 'Shamis & Gentile P.A.'}],
'response': {'communication_strategy': 'Notice to affected individuals',
'containment_measures': 'Application secured',
'third_party_assistance': 'Cyberscout (TransUnion)'},
'title': 'Wedbush Securities Inc. Data Breach Investigation',
'type': 'Data Breach',
'vulnerability_exploited': 'Application misconfiguration'}