News
Data breach reported for Hightower Holding
BlogBreachesResourcesNews
Data breach reported for Hightower Holding

Data breach reported for Hightower Holding

UpGuard Team
UpGuard Team
March 24, 2026

Key facts: Hightower Advisors data breach

  • Date reported: March 23, 2026.
  • Unauthorized access identified: March 12, 2026.
  • Target entity: Hightower Advisors (hightoweradvisors.com).
  • Source of breach: Unauthorized third-party via a compromised user account.
  • Data types: Names, Social Security numbers, and driver’s license numbers.
  • Status: Confirmed; affected 131,483 individuals.
  • Severity: High; the incident involved the exposure of permanent identifiers like Social Security numbers and driver's license numbers.

What happened in the Hightower Advisors data breach?

Hightower Advisors (hightoweradvisors.com) experienced a data breach that was publicly reported on March 23, 2026. The incident originated from an unauthorized third-party gaining access to the organization's environment via a compromised user account. This security event was first identified by the company on March 12, 2026, following the initial unauthorized access that took place on January 8, 2026.

According to the disclosure, the breach affected 131,483 individuals. The information involved is highly sensitive, consisting of names, Social Security numbers, and driver’s license numbers. The severity of this incident is classified as high due to the exposure of permanent identifiers which are difficult for victims to change. While the company has initiated notification procedures for affected residents, such incidents typically lead to heightened risks of targeted phishing and identity fraud for the involved parties.

Who is behind the incident?

The attacker or cause of the incident has not been identified.

Impact and risks for Hightower Advisors customers

For the 131,483 individuals affected by the Hightower Advisors breach, the primary risks involve identity theft and financial fraud. Because Social Security numbers and driver’s license numbers were exposed, malicious actors could potentially attempt to open fraudulent credit accounts, file false tax returns, or commit other forms of impersonation. There is also a substantial risk of sophisticated phishing attacks, where criminals use the stolen personal details to craft convincing messages designed to extract further sensitive information or login credentials.

Events involving the loss of government-issued identifiers often require long-term vigilance from the victims. Affected individuals are encouraged to monitor their financial statements closely and utilize the credit monitoring services provided by the company. Maintaining transparency regarding the breach helps individuals take the necessary steps to secure their personal identities.

How to protect against similar security incidents

In light of the data breach at Hightower Advisors involving Social Security numbers and driver’s licenses, affected individuals and organizations should take immediate steps to enhance their security posture.

  • Enroll in credit monitoring and identity protection. Affected individuals should immediately sign up for the 12 months of free credit monitoring and identity theft protection offered by Hightower Advisors. Regularly check your credit reports from Equifax, Experian, and TransUnion for any unauthorized activity or new accounts.
  • Place a security freeze on credit files. Consider placing a security freeze on your credit reports to prevent unauthorized parties from opening new accounts in your name. This is a highly effective measure when Social Security numbers have been compromised.
  • Implement phishing-resistant multi-factor authentication. Secure all financial and personal accounts with strong multi-factor authentication (MFA), such as authenticator apps or hardware keys. This helps prevent attackers from using stolen credentials to gain access to your other online accounts.
  • Deploy continuous attack surface monitoring. Organizations should utilize attack surface management tools to identify exposed credentials and unauthorized access points. Regularly auditing user account permissions and implementing a zero-trust architecture can reduce the risk of a single compromised account leading to a major breach.

Taking proactive defensive measures is essential for mitigating the risks associated with the exposure of sensitive personal identifiers.

Frequently asked questions

What happened in the Hightower Advisors security breach?

On March 23, 2026, Hightower Advisors (hightoweradvisors.com) disclosed a security breach. According to initial reports, an unauthorized third-party accessed the organization's environment on January 8, 2026, through a compromised user account, affecting 131,483 individuals.

When did the Hightower Advisors breach occur?

The Hightower Advisors breach was publicly reported on March 23, 2026. The unauthorized access occurred on January 8, 2026, and the company discovered the incident on March 12, 2026.

What data was exposed?

The types of data involved in the Hightower Advisors incident include names, Social Security numbers, and driver’s license numbers. This page will be updated as verified information becomes available.

Is my personal information at risk?

If you interacted with Hightower Advisors, there's a possibility your personal information could be affected. Similar incidents often involve email addresses, login details, or financial records. Stay alert for updates and take precautionary measures to secure your accounts.

How can I protect myself after a data breach?

• Enroll in the offered credit monitoring services
• Place a security freeze on your credit reports
• Enable multi-factor authentication (MFA) on all sensitive accounts
• Monitor your financial statements for suspicious transactions
• Use breach monitoring tools to stay informed of future risks

What steps should companies take after being breached?

Hightower Advisors has secured its environment and is providing 12 months of free credit monitoring and identity theft protection to affected individuals. The company is also reviewing its security protocols and deploying measures to prevent similar unauthorized access in the future.

This cybersecurity news article is powered by UpGuard Breach Risk — continuous attack surface monitoring for your organisation and supply chain.

How secure is Hightower Advisors?

Hightower Advisors is a national wealth management firm providing integrated investment and financial planning services.
  • Check icon
    View our free preliminary report on Hightower Advisors’s security posture
  • Check icon
    13 risk factors, including email security, SSL, DNS health, open ports and common vulnerabilities
View Hightower Advisors's score
View score
https://hightoweradvisors.com/
Security ratings
Deliver icon

Sign up for our newsletter

UpGuard's monthly newsletter cuts through the noise and brings you what matters most: our breaking research, in-depth analysis of emerging threats, and actionable strategic insights.

Latest news

Stay up-to-date with the latest news in cybersecurity.
Dutch Ministry of Finance Investigating Cyberattack

Dutch Ministry of Finance Investigating Cyberattack

A data breach involving government.nl was reported in March 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
March 23, 2026
Data breach reported for Quatrro Business Support Services

Data breach reported for Quatrro Business Support Services

A data breach involving QBSS was reported in March 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
March 23, 2026
Checkmarx Investigating Cyberattack

Checkmarx Investigating Cyberattack

A data breach involving Checkmarx.com was reported in March 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
March 24, 2026
Data breach reported for Mark Leyden & Associates

Data breach reported for Mark Leyden & Associates

A data breach involving mlassoc.com was reported in March 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
March 24, 2026
QualDerm Partners Data Breach

QualDerm Partners Data Breach

A data breach involving QualDerm Partners was reported in March 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
March 24, 2026
National Association on Drug Abuse Problems (NADAP) Data Breach

National Association on Drug Abuse Problems (NADAP) Data Breach

A data breach involving NADAP was reported in March 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
March 24, 2026
View all news
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

Protect your organization

Get in touch or book a free demo.
Contact sales
Free demo
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Free score
Website Security scan resultsWebsite Security scan rating