Cresset Capital Data Breach: Social Security Numbers Exposed

Cresset Capital Management, a U.S.-based private wealth management firm serving high-net-worth and ultra-high-net-worth clients, disclosed a data breach involving sensitive personal and financial information.

On April 6, 2026, Cresset identified suspicious activity within its computer network. Upon detection, the company activated its incident response protocols and contained the activity shortly thereafter.

Cresset also engaged experienced third-party cybersecurity professionals to investigate the incident and confirm there was no ongoing unauthorized access to its systems.

The investigation determined that personal information was accessed during the incident. The types of information exposed included names, contact information, dates of birth, Social Security numbers, driver's license numbers, passport numbers and financial account information.

The total number of individuals affected in the United States has not been publicly disclosed.

The breach was reported to the California Attorney General.

Cresset's response to the breach

Cresset is offering affected individuals a complimentary two-year subscription to Experian IdentityWorks Credit Plus 3B. Individuals can enroll at the Experian IdentityWorks enrollment page.

The service includes several layers of protection: credit monitoring across all three major credit bureaus, internet surveillance that scans the dark web for personal information being traded or sold, identity restoration support from specialists and up to $1 million in identity theft insurance.

For questions about the Experian service or help with enrollment, affected individuals can contact the Experian call center at 833-931-7577, available from 9 a.m. to 9 p.m. EST, Monday through Friday (excluding holidays).

Individuals may also reach out to their Cresset advisor or email the company for more information about the incident.

Steps to take if your information was exposed

• Place a credit freeze with all three credit bureaus to prevent new accounts from being opened without authorization. Freezes can be placed online at Equifax (1-888-298-0045), Experian (1-888-397-3742) and TransUnion (1-800-916-8800), or by placing a fraud alert through any one of the three bureaus.
• Request and review free credit reports at AnnualCreditReport.com and look carefully for unfamiliar accounts or inquiries. Those without internet access can request reports by mail using the Annual Credit Report request form.
• Monitor financial accounts and statements closely for unauthorized transactions and report suspicious activity immediately to the relevant financial institution. General credit report inquiries can also be directed to Equifax (1-866-349-5191), Experian (1-888-397-3742) or TransUnion (1-800-888-4213).
• Report suspected identity theft to the Federal Trade Commission at IdentityTheft.gov (1-877-438-4338) and to local law enforcement. Additional consumer protection resources are available at USA.gov, and consumers can review their rights under the Fair Credit Reporting Act through the Consumer Financial Protection Bureau.
• Be cautious of phishing attempts that reference Cresset Capital Management or this data breach by name, as scammers often exploit breach notifications to trick people into sharing more personal information.