Brown Advisory Discloses January Data Breach

On Jan. 21, 2026, Maryland-based investment management and strategic advisory firm, Brown Advisory LLC, discovered a data breach involving unauthorized access to certain systems. According to the disclosure filed with the Massachusetts Office of Consumer Affairs and Business Regulation, a recognized threat actor gained access to sensitive information, impacting at least 134 individuals in Massachusetts.

The breach did not compromise the security or functioning of Brown Advisory’s internal systems, nor did it affect transactions, trading or client investments. However, the incident resulted in unauthorized access to personally identifiable information (PII), including names, phone numbers, email addresses, home addresses, Social Security numbers, driver’s license images, passport images and financial account numbers.

The company’s investigation, conducted with the help of leading cybersecurity experts, determined that the criminal actor did not access client investments or trading data. The breach was limited to certain personal information, but the scope of exposed data is significant.

Brown Advisory's response

To support those affected, Brown Advisory is offering 24 months of complimentary identity protection and credit monitoring services through Experian IdentityWorks. This service includes daily credit report monitoring, identity restoration support, and up to $1 million in identity theft insurance.

Affected individuals are encouraged to enroll in these services by June 30, 2026, and to remain vigilant by reviewing account statements and credit reports for suspicious activity. Additional steps such as placing a security freeze or fraud alert on credit files are also recommended.