Don't miss the launch of Risk Automations and Vendor Onboarding Portal
Watch recording
News
Data breach reported for Hennessy Advisors
BlogBreachesResourcesNews
Data breach reported for Hennessy Advisors

Data breach reported for Hennessy Advisors

UpGuard Team
UpGuard Team
February 25, 2026

Key Facts: Hennessy Advisors Data Breach

  • Date reported: February 24, 2026.
  • Unauthorized access identified: March 30, 2025 (suspicious activity first detected).
  • Target entity: Hennessy Advisors (hennessyadvisors.com).
  • Source of breach: Unauthorized third party (hacking event).
  • Data types: Full names, Social Security numbers, driver's license numbers, and financial account information.
  • Status: Confirmed; investigation concluded February 5, 2026, and notification letters were mailed beginning February 23, 2026.
  • Severity: Medium; while no evidence of misuse has been found, the breach exposed highly sensitive personally identifiable information (PII) for 12,643 investors.

Start continuous breach monitoring with UpGuard.

What happened in the Hennessy Advisors data breach?

Hennessy Advisors (hennessyadvisors.com) reported an external system breach on February 24, 2026. The incident was categorized as a hacking event, though a specific threat actor has not been identified in the official disclosures. The company first detected the security issue nearly a year prior to the public report, initiating a comprehensive investigation into the suspicious activity within its digital environment.

On March 30, 2025, the firm discovered unauthorized access affecting its systems, which led to the exposure of personal information belonging to 12,643 investors. The organization confirmed the breach on February 5, 2026, following a detailed forensic review. This medium-severity incident highlights the risks associated with external hacking attempts targeting financial advisory services. Such events often lead to the exposure of sensitive personal identifiers or financial records.

Who is behind the incident?

The attacker or cause of the incident has not been identified.

Impact and risks for Hennessy Advisors customers

For the 12,643 affected investors, the breach introduces several security risks. Unauthorized access to personal information can lead to identity theft, targeted phishing attempts, and potential credential abuse if the stolen data is used to access other accounts. While the exact categories of data have not been specified, breaches in the financial sector frequently involve sensitive data points that could be leveraged by malicious actors for fraudulent activities.

Typical outcomes for impacted individuals include an increased risk of financial fraud and unauthorized account changes. To mitigate these risks, users should immediately change their passwords and monitor their financial statements for any suspicious transactions. Ensuring transparency regarding the scope of the exposure is a vital part of the organization's response to help users protect their identities.

How to protect against similar security incidents

Scan your domain for vulnerabilities in minutes.

Frequently asked questions

What happened in the Hennessy Advisors security breach?

On February 24, 2026, Hennessy Advisors (hennessyadvisors.com) disclosed a security breach. According to initial reports, the organization discovered suspicious activity in March 2025 that led to the unauthorized access of data belonging to 12,643 investors.

When did the Hennessy Advisors breach occur?

The Hennessy Advisors breach was publicly reported on February 24, 2026. The exact date of the attack has not been disclosed, although the company first detected suspicious activity on March 30, 2025.

What data was exposed?

The investigation confirmed that personal information belonging to investors was compromised. While a specific field list was not publicly broadcast, data held by investment advisors typically includes names, addresses, Social Security numbers, and financial account details required for investment management.

Is my personal information at risk?

If you interacted with Hennessy Advisors, there's a possibility your personal information could be affected. Similar incidents often involve email addresses, login details, or financial records. Stay alert for updates and take precautionary measures to secure your accounts.

How can I protect myself after this data breach?

  • Update your passwords to unique, strong phrases
  • Enable multi-factor authentication (MFA) where available
  • Monitor your financial statements and credit reports for suspicious activity
  • Be cautious of unsolicited emails or phone calls asking for personal information
  • Use data breach monitoring tools to track your information online

What steps should companies take after being impacted by this breach?

Companies typically respond to such incidents by securing affected systems, notifying impacted individuals, and providing guidance on protective actions. They may also review internal security protocols and deploy attack surface management tools to prevent future unauthorized access.

How secure is Hennessy Advisors?

Hennessy Advisors (hennessyadvisors.com) is a publicly traded investment management firm (NASDAQ: HNNA) based in Novato, California.
  • Check icon
    View our free preliminary report on Hennessy Advisors’s security posture
  • Check icon
    13 risk factors, including email security, SSL, DNS health, open ports and common vulnerabilities
View Hennessy Advisors's score
View score
https://hennessyadvisors.com/
Security ratings
Deliver icon

Sign up for our newsletter

UpGuard's monthly newsletter cuts through the noise and brings you what matters most: our breaking research, in-depth analysis of emerging threats, and actionable strategic insights.

Latest news

Stay up-to-date with the latest news in cybersecurity.
Payload Claims Data Breach on Royal Bahrain Hospital (RBH)

Payload Claims Data Breach on Royal Bahrain Hospital (RBH)

A data breach involving Royal Bahrain Hospital was reported in March 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
March 16, 2026
Gov.Uk Suffers Data Leak

Gov.Uk Suffers Data Leak

A data breach involving GOV.UK was reported in March 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
March 16, 2026
Data breach reported for Earthbound Holding

Data breach reported for Earthbound Holding

A data breach involving Earthbound Trading was reported in March 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
March 12, 2026
Data breach reported for Health Dimensions Group

Data breach reported for Health Dimensions Group

A data breach involving Health Dimensions Group was reported in March 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
March 11, 2026
Data breach reported for OSI Systems

Data breach reported for OSI Systems

A data breach involving OSI Systems was reported in March 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
March 11, 2026
Michelin Data Breach Due to Oracle EBS Exploit

Michelin Data Breach Due to Oracle EBS Exploit

A data breach involving Michelin was reported in March 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
March 11, 2026
View all news
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

Protect your organization

Get in touch or book a free demo.
Contact sales
Free demo
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Free score
Website Security scan resultsWebsite Security scan rating