verified2026-03-02

AmeripriseAmeriprise breach

ameriprise.com · 502,597 records compromised

Records
503K
Breach date
2026-03-02
Domain
ameriprise.com
Data classes
7

Description

In March 2026, the financial services firm Ameriprise Financial was named by the ShinyHunters group in a "pay or leak" extortion campaign . The group claimed possession of more than 200GB of compressed data exfiltrated from Ameriprise's Salesforce environment and internal SharePoint infrastructure, and subsequently published the data after negotiations allegedly failed. The published data contained 500k unique email addresses as well as names, phone numbers, physical addresses and employer information. In their disclosure to state attorneys general , Ameriprise reported 47,876 affected people; the larger email address population represents contacts from Ameriprise's broader operational systems, including internal staff. Ameriprise further advised that they have "implemented heightened monitoring of your account(s) to include enhanced identity verification procedures".

Compromised data classes· 7

Email addressesEmployersFinancial transactionsJob titlesNamesPhone numbersPhysical addresses

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Breach
Abrigo
Breach
Kemper
Breach
Canada Life
Breach
Amtrak
Breach
ADT
Breach
Marcus & Millichap
Sourced from Have I Been Pwned. Aggregate metadata only — no PII. Curated by Adam Lundqvist, Founder at SQUR.