Ameriprise
What was exposed
Email addressesEmployersFinancial transactionsJob titlesNamesPhone numbersPhysical addresses
What to do if you were affected
- Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
- Watch for text-message phishing and SIM-swap attempts on your phone number.
- Be wary of targeted scams that use your personal details to sound convincing.
Details
In March 2026, the financial services firm Ameriprise Financial was named by the ShinyHunters group in a "pay or leak" extortion campaign . The group claimed possession of more than 200GB of compressed data exfiltrated from Ameriprise's Salesforce environment and internal SharePoint infrastructure, and subsequently published the data after negotiations allegedly failed. The published data contained 500k unique email addresses as well as names, phone numbers, physical addresses and employer information. In their disclosure to state attorneys general , Ameriprise reported 47,876 affected people; the larger email address population represents contacts from Ameriprise's broader operational systems, including internal staff. Ameriprise further advised that they have "implemented heightened monitoring of your account(s) to include enhanced identity verification procedures".
Frequently asked questions
What is the Ameriprise data breach?
In March 2026, the financial services firm Ameriprise Financial was named by the ShinyHunters group in a "pay or leak" extortion campaign . The group claimed possession of more than 200GB of compressed data exfiltrated from Ameriprise's Salesforce environment...
When did the data breach happen?
This data breach occurred around March 2026.
How many accounts were affected?
Around 502,597 accounts were affected.
What information was exposed?
Exposed data included Email addresses, Employers, Financial transactions, Job titles, Names, Phone numbers and Physical addresses.
What should I do if I was affected?
Expect more phishing and spam at this address. Treat messages that reference this company with extra caution. Watch for text-message phishing and SIM-swap attempts on your phone number. Be wary of targeted scams that use your personal details to sound convincing.
Related breaches