Hennessy Advisors Data Breach Impacts 12,643 Individuals

Published
February 25, 2026
Updated
February 25, 2026
Hennessy Advisors Data Breach Impacts 12,643 Individuals
Hennessy Advisors

Affected by the

Hennessy Advisors

data breach?

Join the Lawsuit

On Feb. 5, 2026, Hennessy Advisors, a publicly traded investment management firm, identified unauthorized access to personal information related to investors in the Hennessy Funds. The breach affected a total of 12,643 individuals in the United States, including 48 Maine residents.

The company first discovered suspicious activity on its systems on March 30, 2025, which led to an investigation. However, it was not until late December 2025 that Hennessy Advisors confirmed that personal information had been accessed and released without authorization.

The breach was the result of unauthorized access to certain systems and data, but there is no public indication of who was responsible for the incident or whether it was caused by external threat actors or internal vulnerabilities.

The information exposed in this breach included personally identifiable information (PII) such as names, addresses, and other sensitive data shared as part of business dealings with Hennessy Advisors.

The investigation for identifying affected individuals concluded by Feb. 5, 2026.

The breach was formally disclosed to the Maine Attorney General on Feb. 24, 2026. All affected individuals were notified in writing on Feb. 23, 2026.

Hennessy Advisors' response

To assist those impacted, Hennessy Advisors is offering complimentary identity theft protection and credit monitoring services through IDX, a data breach and recovery services provider. The services include credit and CyberScan monitoring, a $1 million insurance reimbursement policy, and fully managed identity theft recovery services.

Affected individuals are encouraged to enroll in these services by May 23, 2026, using the enrollment code provided in their notification letter.

Additionally, Hennessy Advisors recommends that all affected parties remain vigilant by reviewing account statements and credit reports for suspicious activity.

They also suggest placing a fraud alert or security freeze on credit files and provide detailed instructions and resources for doing so. The company’s notification letter outlines steps for obtaining free credit reports and contacting relevant authorities, including the Federal Trade Commission and state attorneys general.

Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info
  • Affected information types not yet disclosed

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image