Cetera Data Breach: SSNs Exposed

Cetera Financial Group, a major network of independent financial advisors and broker-dealers headquartered in San Diego, California, disclosed a data breach that stemmed from unauthorized access to an employee email account.

Cetera Financial Group determined on or around Jan. 30, 2026, that personal information may have been involved, and the company began notifying affected individuals on March 25, 2026.

According to the state disclosure, 110 New Hampshire residents were identified as potentially affected. The attorney general of Maine was disclosed of the incident. The total number of people affected nationwide has not been publicly disclosed.

What happened in the Cetera Financial Group data breach

Cetera Financial Group launched an investigation upon becoming aware of suspicious activity involving a single employee email account. The investigation determined that an unauthorized person gained access to the email account between July 7, 2025, and Aug. 21, 2025.

On or around Jan. 30, 2026, the company's ongoing review of the affected files determined that personal information was indeed exposed in the incident.

Several months passed between the time the unauthorized access first occurred in the summer of 2025 and the point at which potentially affected individuals began receiving notification letters in late March 2026.

The types of personal information exposed varied by individual but included names, Social Security numbers, driver's license numbers and financial account information.

Cetera Financial Group's response to the breach

Cetera Financial Group is offering complimentary credit and identity monitoring services through IDX. The duration of coverage is either 12 or 24 months, depending on the individual's state of residence and applicable law.

Those who received a notification letter can enroll by visiting IDX and entering the unique enrollment code included in their letter. The enrollment deadline is June 25, 2026.

According to the consumer notice, the credit monitoring portion of the IDX membership must be activated by the individual in order to take effect. IDX representatives are available to assist anyone who needs help completing the enrollment process.

The company has also established a dedicated call center to answer questions about the incident. Affected individuals can reach it by calling 1-855-830-5994, Monday through Friday, from 6 a.m. to 6 p.m. Pacific Time. Individuals may also write to Cetera Financial Group at 655 W. Broadway, 11th Floor, San Diego, CA 92101.

Steps to take if your information was exposed

• Place a credit freeze or fraud alert with all three credit bureaus. Because Social Security numbers were exposed in this breach, a credit freeze can help prevent anyone from opening new accounts using stolen information. Contact Equifax at 1-888-298-0045, Experian at 1-888-397-3742 and TransUnion at 1-833-799-5355.
• Review credit reports for unfamiliar activity. Free credit reports are available at AnnualCreditReport.com and should be checked carefully for any accounts, inquiries or changes that look unfamiliar.
• Monitor bank and financial account statements closely. Since financial account information was part of this breach, check account statements regularly for unauthorized transactions and report any suspicious charges to the bank or financial institution right away.
• Contact the state DMV about driver's license protection. Because driver's license numbers were involved, affected individuals may want to reach out to their state's Department of Motor Vehicles to ask about fraud protection options or a replacement license number.
• Report suspected identity theft to the FTC. If any signs of identity theft appear, file a report at IdentityTheft.gov or call 1-877-438-4338 to create a recovery plan.
• Be cautious of phishing attempts that reference this breach. Scammers may send emails, texts or phone calls pretending to be from Cetera Financial Group in an effort to collect more personal information.