← All articles

Have I Been Pwned adds Ameriprise Financial with 502,597 breached accounts; financial-services dataset newly searchable

Have I Been Pwned has added Ameriprise Financial to its breach corpus with 502,597 unique email addresses. The financial-services giant manages over $1 trillion in assets across wealth management, advisory, and asset-management services. Underlying breach details and the original disclosure source have not been published alongside the HIBP entry, but the addition lets organizations and individuals check whether their accounts appear in the leaked dataset. Customers should expect targeted phishing themed around investment-account verification or advisor-impersonation pretexts. The breach adds to a recent run of financial-services HIBP listings including Marcus & Millichap (1.8M) and Cushman & Wakefield (310K).

Check
Check whether your @corp emails appear in HIBP's Ameriprise breach corpus. Warn affected employees about wealth-management-themed phishing and advisor-impersonation pretexts in the next 30-60 days.
Affected
502,597 unique email addresses tied to Ameriprise Financial accounts. Likely high-net-worth individuals and advisors are over-represented in the dataset compared to typical breach corpora.
Fix
Affected individuals: rotate Ameriprise passwords, enable strongest available MFA, monitor account statements for unauthorized transactions. Treat unsolicited 'Ameriprise' or 'Columbia Threadneedle' contacts as suspicious.