Mercer Advisors Data Breach: Sensitive Records Exposed

Mercer Advisors Inc., a national wealth management firm headquartered in Denver, Colorado, disclosed a data breach in late January 2026 involving unauthorized access to systems that stored client data.

The breach was disclosed to the attorneys general offices of California, Massachusetts, Texas starting on March 31, 2026. On the same day, the company began sending notification letters by U.S. Mail.

So far, 15,486 Texas residents and 2,178 Massachusetts residents were reported to be affected.

What happened in the Mercer Advisors data breach

Mercer Advisors experienced a cybersecurity incident on or around Jan. 22, 2026. The incident involved unauthorized access to certain systems used to store client data, and the unauthorized access continued through Jan. 25, 2026.

The company's investigation determined on March 25, 2026, that an unauthorized third party had obtained certain personal information belonging to affected individuals.

On Feb. 15, 2026, a threat actor known as ShinyHunters posted a claim on a dark web forum hosted on the Tor network. The actor alleged they had compromised over 5 million records associated with Mercer Advisors, including personally identifiable information and other internal corporate data.

The types of information exposed varied by individual but included names, contact information (such as postal and email addresses and telephone numbers), driver's license numbers, other government-issued ID numbers (such as passport numbers), dates of birth and financial account numbers.

Mercer Advisors' response to the breach

Mercer Advisors is offering a free two-year membership in Experian's IdentityWorks Credit Plus program. According to the notification, this service includes credit monitoring, dark web monitoring and identity protection. It also provides up to $1 million in identity theft insurance and full-service identity restoration assistance.

Affected individuals can enroll at Experian's IdentityWorks enrollment page using the activation code included in their notification letter. Enrollment must be completed by July 31, 2026.

For questions or enrollment support, affected individuals can call 833-918-0255, Monday through Friday, 8 a.m. to 8 p.m. Central Time (excluding U.S. holidays). Incident-related questions can also be directed to questions@merceradvisors.com.

For current Mercer Advisors wealth management clients, the company is providing additional support. Clients can request help reviewing their custodial accounts for unauthorized transactions. They can also log in directly with their custodian to review account activity.

The company can assist clients in contacting their custodian to change account numbers, and it reminded clients that custodians require direct authorization for any new money movement into or out of accounts.

Steps to take if your information was exposed

• Place a fraud alert or credit freeze with Equifax (1-800-525-6285), Experian (1-888-397-3742) and TransUnion (1-800-680-7289) to help prevent new accounts from being opened using stolen information.
• Request and review free credit reports at AnnualCreditReport.com, looking for unfamiliar accounts, inquiries or changes to personal information.
• Change passwords immediately for any online accounts where the same or similar login credentials were used, and enable multi-factor authentication where available.
• Monitor financial accounts and tax records for unauthorized transactions or signs of tax-related fraud, such as unexpected IRS notices or duplicate tax filings.
• Be cautious of phishing attempts that reference Mercer Advisors or this breach by name, and avoid clicking links or downloading attachments in suspicious emails.
• Review health insurance statements for medical services or claims that were not authorized, which could indicate misuse of exposed health information.