CP
cyberpings
BreachesHIGH

Hightower Holding Data Breach - 130,000 Affected Individuals

SWSecurityWeek
Hightower Holdingdata breachpersonal informationidentity theftcredit monitoring
🎯

Basically, hackers stole personal information from Hightower Holding, affecting many people.

Quick Summary

Hightower Holding has reported a data breach affecting over 130,000 individuals. Hackers stole sensitive personal information, including Social Security numbers. The company is offering credit monitoring services to help mitigate risks for those impacted.

What Happened

In early January 2026, Hightower Holding, a parent company of financial management services, experienced a significant data breach. This incident has led to the exposure of sensitive personal information for over 130,000 individuals. The breach occurred between January 8 and 9, when hackers managed to exfiltrate files containing names, Social Security numbers, and driver’s license numbers from Hightower's environment.

The company has confirmed that the breach was caused by compromised user credentials rather than any security flaws in their systems. This means that the attackers likely gained access through stolen login information, which highlights the importance of robust password management and user authentication practices.

Who's Affected

The data breach has impacted 131,483 individuals, as reported by Hightower to the Maine Attorney General’s Office. Those affected include clients of Hightower Advisors, Hightower Securities, and Hightower Trust Company, all of which operate under the Hightower Holding umbrella. The company is taking steps to notify these individuals and provide support.

While Hightower has stated that there is no indication of the stolen information being used for identity theft or fraud, the potential for such misuse remains a concern for those affected. The breach serves as a reminder of the vulnerabilities that can exist within financial services and the importance of safeguarding personal data.

What Data Was Exposed

The compromised files contained a range of sensitive personal information. Specifically, the data included:

  • Names
  • Social Security numbers
  • Driver’s license numbers

This type of information can be particularly valuable to cybercriminals, as it can be used to commit identity theft or fraud. Hightower is aware of the potential risks and is taking steps to mitigate them by offering affected individuals credit monitoring services for 12 months.

What You Should Do

If you are among those affected by the Hightower data breach, it is crucial to take immediate action to protect yourself. Here are some recommended steps:

  • Enroll in the credit monitoring services offered by Hightower to keep an eye on your credit report.
  • Change passwords for any accounts that may use the same credentials as those compromised in the breach.
  • Monitor your financial statements and credit reports for any suspicious activity.
  • Consider placing a fraud alert on your credit file to make it harder for identity thieves to open accounts in your name.

By taking these proactive measures, you can help safeguard your personal information and reduce the risk of identity theft following this breach.

🔒 Pro insight: The breach underscores the critical need for enhanced credential security measures in financial services to prevent unauthorized access.

Original article from

SecurityWeek · Ionut Arghire

Read Full Article

Share

Related Pings

HIGHBreaches

Data Breach - Russian Authorities Arrest LeakBase Admin

Russian authorities arrested the alleged admin of LeakBase, a major marketplace for stolen data. This operation reveals the ongoing threat of data breaches and identity theft. With international cooperation, law enforcement aims to disrupt cybercrime networks and protect individuals from fraud.

Security Affairs·
MEDIUMBreaches

Infinite Campus - Reports Hack After ShinyHunters Attempt

Infinite Campus has reported a data breach due to a ShinyHunters extortion attempt. Names and contact details of school staff were accessed. This incident highlights ongoing security risks in the education sector.

SC Media·
HIGHBreaches

Data Breach - HackerOne Employees Compromised in Attack

A serious data breach has compromised HackerOne employees' personal information due to a hack at Navia Benefit Solutions. Nearly 300 employees are affected, raising concerns about identity theft and fraud. Vigilance is crucial as the situation develops.

SC Media·
HIGHBreaches

Data Breach - Over 3M Affected in QualDerm Partners Attack

A major data breach at QualDerm Partners has affected over 3 million individuals. Sensitive patient information was stolen, raising serious privacy concerns. Affected individuals are urged to monitor their accounts closely.

SC Media·
HIGHBreaches

Dutch Ministry of Finance - Systems Taken Down After Breach

The Dutch Ministry of Finance has taken down its systems due to a significant breach affecting customs and taxation operations. Ongoing investigations aim to assess the full impact. Citizens and businesses are advised to monitor their accounts for any unusual activity.

SC Media·
HIGHBreaches

Data Breach - Hackers Access Millions of Crime Tipster Records

Hackers claim to have accessed sensitive data tied to millions of crime tipsters. This breach raises serious privacy concerns, affecting numerous individuals and organizations. Authorities are advising caution as investigations continue.

Malwarebytes Labs·