Maine AG Flags LPL and Ameriprise Over Data Breaches Affecting Nearly 50,000 Clients

Context The Maine AG’s office flagged LPL Financial, which employs more than 32,000 advisors, and Ameriprise Financial, with over 10,000 advisors, for client‑information incidents reported in November and March respectively. This follows a prior LPL disclosure at year‑end and an Ameriprise advisor‑level phishing note earlier in the year.

Key Facts LPL said 1,581 clients were affected by a November phishing scam that installed malware on a limited number of advisor devices, leading to unauthorized access to those advisors’ web‑portal accounts; the breach was spotted ten days after it began. Ameriprise disclosed that 47,876 clients had their stored data and files accessed without permission in a March incident discovered sixteen days later; a spokesperson confirmed the access involved certain stored data and files but no movement of funds. On the market, LPL Financial (LPLA) traded at $78.40, down 1.2% in the session, giving it a market cap of about $12.8 billion, while Ameriprise Financial (AMP) closed at $342.10, up 0.5%, with a market cap near $21.9 billion.

What It Means Regulators may review whether the firms met state‑and‑federal safeguard rules, potentially leading to fines or mandated improvements in advisor‑level security training. Clients are being offered credit‑and‑identity monitoring, and the firms have pledged to notify affected individuals. Investors should watch for any updates from the Maine AG, upcoming SEC cybersecurity guidance, and how the incidents influence the firms’ quarterly earnings commentary on technology spending.

What to watch next The Maine AG’s follow‑up report, any settlement discussions, and the firms’ next earnings calls where cybersecurity expenses and client‑outreach costs may be disclosed.