Beacon Pointe Advisors 2026 Data Breach

Beacon Pointe Advisors 2026 Data Breach

Financial Services / Registered Investment Advisor (wealth management) / Fiduciary advisory to individuals and institutions / United States

Beacon Pointe Advisors 2026 Data Breach

Large US registered investment advisor (Newport Beach, CA) providing fiduciary wealth management and financial planning to high-net-worth clients and institutions.

Confirmed · ObscureIQ Intelligence
Limited DisclosureThis breach involves high-visibility individuals, so confirming who appears in it could enable targeting. We do not disclose presence publicly or to third parties. Check your own exposure privately below.
Breach Risk Index i
87/100
Lower riskHigher risk
High and current: recent, valuable data circulating on the dark web now.
Data Sensitivity i
Restricted
Being associated with this breach can itself be harmful. Disclosure is limited and presence is not confirmed to unverified parties.
69k rowsRecords
2026Year

The Breach Risk Index (BRI) is a proprietary 0–100 score rating how dangerous a breach is right now, based on how recently the data has been circulating on the dark web and how valuable it is to attackers.

Crucial data exposed
SSNSocial Security Number
Gov IDDriver’s License
FinancialFinancial Account (bank/card)
Classification Tags
ShinyHuntersSocial EngineeringFinancial ServicesRegistered Investment AdvisorWealth-Management Clients2026

Breach Summary

Between January 30 and February 1, 2026, Beacon Pointe Advisors was compromised in ShinyHunters' campaign against registered investment advisors; the firm discovered the incident on February 1 and ShinyHunters listed it on February 15, 2026 claiming more than 100,000 records in a 60GB dataset. Beacon Pointe confirmed the exposed data included Social Security numbers, driver's-license numbers and financial-account numbers. This entry tracks about 69,000 circulating records; the actor claim is 100,000+.

Full threat analysis, exploitation vectors, and principal guidance below.

10 additional sections · verified field analysis · defensive doctrine

Querying breach corpus…
Cross-referencing exposed field types…
Resolving threat-actor attribution…
Compiling principal risk advisory…

69k rows records analyzed

About Beacon Pointe Advisors

Beacon Pointe Advisors is a large US registered investment advisor (RIA) headquartered in Newport Beach, California, providing fiduciary wealth-management, financial-planning and investment-advisory services to high-net-worth individuals, families and institutions. It is among the larger independent RIAs in the country by assets under management.

Why They Hold Your Data

As a wealth manager, Beacon Pointe holds affluent-client records of exceptional sensitivity, including names, contact details, Social Security numbers, driver's-license numbers and financial-account information collected for account opening, planning and compliance.

Recent Developments

Beacon Pointe discovered a breach around February 1, 2026 (intrusion January 30 to February 1); ShinyHunters listed the firm on February 15, 2026 claiming 100,000+ records in a 60GB dataset, part of a wave targeting registered investment advisors that also named Mercer Advisors. The firm offered Experian IdentityWorks with up to $1M identity-theft insurance.

Data Points Exposed

4 verified field types
Driver’s License Critical
Financial Account (bank/card) High
Full Name
Social Security Number Critical

Breach Impact

A wealth-manager breach exposing Social Security numbers, driver's licenses and financial-account numbers for an affluent client base is a high-severity event: it creates direct identity- and financial-fraud exposure, state attorney-general notification and litigation, and Beacon Pointe's provision of $1M identity-theft insurance signals the sensitivity involved. It sits within a broader RIA-targeting wave that also named Mercer Advisors.

Principal Risk Advisory

What this means for a principal

A financial-institution breach: account, wealth or payment data supports direct fraud and highly credible financial-impersonation scams. For a high-profile principal this is targeting-grade, not merely identity-theft-grade: the combination lets an adversary locate, impersonate, or pressure the principal with little additional work.

What You Should Do

  1. Freeze credit at all three bureaus and monitor for new-account and tax-refund fraud.
  2. Do not use unofficial 'am I affected' lookups; several are themselves harvesting operations.

How ObscureIQ Can Help

  1. Corpus confirmation: determine whether and where the principal (plus household and staff) appear in this dataset and which specific fields are exposed for them.
  2. Exposure mapping: cross-reference the exposed identifiers against broker-available data to size and prioritize the principal's wider footprint.
  3. ThreatWatch tuned to this incident's identifiers and misuse pattern (impersonation and targeting patterns, not generic credential monitoring).
S
Threat Actor: ShinyHuntersConfidence: High
Data theft / extortion group

Motivation: Financial extortion, data sale
A prolific data theft and extortion group that began as a database theft and resale actor and evolved toward SaaS-focused extortion. Recent activity involves vishing, credential harvesting, SSO compromise, and theft of customer data from cloud and SaaS environments.

Read the full threat-actor profile →

Protect Yourself

Protect Yourself: Limited Disclosure

Check If You’re Affected: Verification Required

Because this breach involves public-facing or high-profile individuals, confirming anyone’s presence could aid harassment or targeting. We confirm exposure only to the individual concerned. Verify your identity to privately check your own exposure.

We will only confirm whether a specific person appears in this breach to that person.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation