Financial Services / Registered Investment Advisor (wealth management) / Fiduciary advisory to individuals and institutions / United States
Large US registered investment advisor (Newport Beach, CA) providing fiduciary wealth management and financial planning to high-net-worth clients and institutions.
The Breach Risk Index (BRI) is a proprietary 0–100 score rating how dangerous a breach is right now, based on how recently the data has been circulating on the dark web and how valuable it is to attackers.
Between January 30 and February 1, 2026, Beacon Pointe Advisors was compromised in ShinyHunters' campaign against registered investment advisors; the firm discovered the incident on February 1 and ShinyHunters listed it on February 15, 2026 claiming more than 100,000 records in a 60GB dataset. Beacon Pointe confirmed the exposed data included Social Security numbers, driver's-license numbers and financial-account numbers. This entry tracks about 69,000 circulating records; the actor claim is 100,000+.
Full threat analysis, exploitation vectors, and principal guidance below.
10 additional sections · verified field analysis · defensive doctrine
69k rows records analyzed
Beacon Pointe Advisors is a large US registered investment advisor (RIA) headquartered in Newport Beach, California, providing fiduciary wealth-management, financial-planning and investment-advisory services to high-net-worth individuals, families and institutions. It is among the larger independent RIAs in the country by assets under management.
As a wealth manager, Beacon Pointe holds affluent-client records of exceptional sensitivity, including names, contact details, Social Security numbers, driver's-license numbers and financial-account information collected for account opening, planning and compliance.
Beacon Pointe discovered a breach around February 1, 2026 (intrusion January 30 to February 1); ShinyHunters listed the firm on February 15, 2026 claiming 100,000+ records in a 60GB dataset, part of a wave targeting registered investment advisors that also named Mercer Advisors. The firm offered Experian IdentityWorks with up to $1M identity-theft insurance.
A wealth-manager breach exposing Social Security numbers, driver's licenses and financial-account numbers for an affluent client base is a high-severity event: it creates direct identity- and financial-fraud exposure, state attorney-general notification and litigation, and Beacon Pointe's provision of $1M identity-theft insurance signals the sensitivity involved. It sits within a broader RIA-targeting wave that also named Mercer Advisors.
A financial-institution breach: account, wealth or payment data supports direct fraud and highly credible financial-impersonation scams. For a high-profile principal this is targeting-grade, not merely identity-theft-grade: the combination lets an adversary locate, impersonate, or pressure the principal with little additional work.
Motivation: Financial extortion, data sale
A prolific data theft and extortion group that began as a database theft and resale actor and evolved toward SaaS-focused extortion. Recent activity involves vishing, credential harvesting, SSO compromise, and theft of customer data from cloud and SaaS environments.
Because this breach involves public-facing or high-profile individuals, confirming anyone’s presence could aid harassment or targeting. We confirm exposure only to the individual concerned. Verify your identity to privately check your own exposure.
We will only confirm whether a specific person appears in this breach to that person.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation