Cetera, Ameriprise Face Class Action Lawsuits Over Data Breaches

The recent breaches at Cetera Financial and Ameriprise illustrate a troubling trend in the wealth‑management sector, where cyber‑criminals target the troves of personal and financial data held by advisory firms. In Cetera’s case, a compromised employee email account allowed attackers to harvest client names, Social Security numbers and account details, while Ameriprise fell victim to the notorious ShinyHunters ransomware group, which exfiltrated more than 200 GB of Salesforce records. Both incidents reveal gaps in security protocols and, notably for Ameriprise, a failure to promptly notify affected clients, fueling class‑action litigation.

Regulators are responding with heightened vigilance. FINRA’s new Financial Intelligence Fusion Center provides a secure, real‑time platform for member firms to exchange threat intelligence, coordinate responses, and access forensic expertise. This initiative reflects broader industry pressure to adopt proactive cyber‑risk management, especially for smaller advisory firms lacking dedicated security teams. By aggregating data from multiple breaches, the Fusion Center aims to identify common attack vectors—such as credential theft and ransomware extortion—and disseminate actionable mitigation strategies.

For financial services firms, the stakes are increasingly high. Beyond potential fines and legal settlements, data breaches erode client trust, a critical asset in wealth management. Companies must invest in multi‑factor authentication, continuous monitoring, and rapid breach‑notification procedures to meet both regulatory expectations and client expectations. As class actions gain momentum, firms that demonstrate robust, transparent security practices will be better positioned to avoid costly litigation and preserve their reputational capital in an environment where cyber threats are now a strategic business risk.