A criminal third party breached the cloud application accounts of employees at Mariner Wealth Advisors, resulting in the download of files containing personal information belonging to thousands of individuals.
The mega-RIA disclosed details of the breach, which it discovered late last year, to Maine's Attorney General this week.
As per a sample client incident notice Mariner provided to Maine authorities, the incident was isolated to cloud applications used by three of its employees. The firm said it first detected suspicious activity through its systems on Novermber 4. The accounts were immediately isolated, and Mariner proceeded to conduct a thorough investigation while communicating with federal law enforcement and regulatory authorities..
"Mariner’s investigation performed alongside third-party experts has determined that a criminal third party accessed the accounts and downloaded certain files during that time," the firm said.
"A thorough review of the files involved determined some of the files contained your personally identifiable or non-public personal information," it added.
According to the disclosure notice, the compromised information included names, account numbers, dates of birth, and Social Security numbers or other government idenitification numbers. Among the 8,995 persons reportedly affected, 17 were residents of Maine.
The firm emphasized that financial accounts, investment accounts, and other client-held assets reside on entirely separate systems at separate entities and were unaffected by the incident.
While Mariner has engaged outside researchers to monitor websites, forums, and other online sources for signs that the downloaded data has been misused, no such malicious activity been found to date.
The firm maintained hat it is committed to protecting personal information entrusted to it by clients, adding that it "will continue to emphasize cybersecurity awareness in our employee training materials [while] working with our external advisors to fortify our cybersecurity defenses."
The November 2025 breach is distinct from an earlier incident involving Newport Advisory, which was operating as a Mariner-affiliated entity and is now doing business as Mariner Wealth Advisors.
According a separate disclosure filed with the Maine Attorney General, unauthorized actors accessed and copied files from Newport's network in late December 2024, several weeks after news that Mariner was acquiring Newport. The unauthorized activity, detected on Jan. 12, 2025, reportedly affected 9,323 individuals.
Under the Securities and Exchange Commission's amended Regulation S-P – which took effect for firms managing at least $1.5 billion in December last year, with smaller firms expected to comply starting this week – registered investment advisors are required to notify affected clients of a data breach within 30 days of first detection.
The incident arrives against the backdrop of Mariner's documented investment in its security infrastructure. In a case study published by email security company Material Security, Thomas Brittain, senior vice president of information technology at Mariner Wealth Advisors in Overland Park, Kansas, described the firm's shift to a zero-trust approach to email security.
"As with most financial services organizations, Mariner Wealth sees frequent spear phishing attempts," the case study said, describing how what used to be an hours-long process to work through a phishing incident got compressed to minutes.
It also described how acquisitions and mergers over the years have expanded Mariner's digital environment into a domain spanning multiple tenants using both Google Workspace and Microsoft 365.
"Taking a Zero Trust approach to email security is critical because malicious content is always going to get through," Britain said. "Blockers might catch 98% of attacks, but the answer is not to get from 98% to 99% – because that's still not bulletproof."
InvestmentNews reached out to Mariner for additional comment on the November breach.
"Mariner takes the security of information seriously and continues to work with cybersecurity experts," a spokesperson for the firm told InvestmentNews via email. "This incident has no impact on the quality of our services or our commitment to clients."
AI-driven job fears are weighing on retirement confidence, especially among Gen Z and Millennials, Thrivent survey finds
It’s the second time in as many years regulators have penalized Centaurus Financial for lack of compliance with Reg BI.
AI Teammate is embedded within Wells Fargo’s Advisor Gateway desktop platform.
Elsewhere, Ameriprise added a $470 million Wells team in New York, while an ex-Morgan Stanley advisor bolsters UBS' Austin, Texas office.
Financial advisors play an essential role in helping small business owners navigate their transition out of the company — and into retirement.
Northern Trust’s Ken Lassner shows advisors how to convert volatility into after-tax portfolio gains
Dan Biagini of American Equity says the steady decline of pensions, longer lifespans and a reset in interest rates are rewriting how advisors build retirement income