LPL Financial recently disclosed a cybersecurity breach that led to unauthorized transactions in some client accounts. The breach, which occurred on November 10, 2025, was discovered ten days later. It affected a small number of the firm’s affiliated financial advisors, impacting a total of 1,581 clients, including two in Maine. The breach was caused by malware spread through phishing messages, allowing unauthorized access to advisor accounts on LPL’s portal.
Upon discovery, LPL halted the unauthorized activity, secured the affected accounts, and restored them to their original financial states. The firm has since enhanced its security measures and found no evidence of ongoing system compromise. Affected clients were offered two years of free credit monitoring with Experian.
The incident follows a similar breach reported by LPL last year, where foreign threat actors accessed advisor accounts to manipulate stock prices. This incident is part of a larger trend of financial firms facing cyberattacks and subsequent class action lawsuits, with companies like Cetera Financial, Ameriprise, and others also targeted. Notably, the Ameriprise breach was linked to the ShinyHunters cybercriminal network, known for extortion tactics.
