Industry - Data Breach
Executive Summary
PathStone Family Office, a wealth management firm overseeing roughly $160 billion in assets, was breached by the ShinyHunters cybercrime group in February 2026. The attackers exfiltrated 15 GB of data from PathStone's Salesforce environment, exposing personal information of over 91,000 clients including Social Security numbers, financial profiles, and estate planning records. A former intern has since filed a lawsuit against the firm over the breach.
What Happened
In February 2026, the ShinyHunters cybercrime group breached PathStone Family Office's Salesforce environment and internal file systems using stolen OAuth tokens and voice phishing attacks targeting help-desk staff. The group exfiltrated 15 GB of compressed data containing 641,000 records. After PathStone refused the ransom demand, ShinyHunters listed the data on their dark web leak site on February 27, 2026, with a public release deadline of March 2. A former intern subsequently filed a lawsuit against PathStone over the breach.
Who Is Affected
An estimated 91,257 unique PathStone clients are affected. The exposed data includes full names, Social Security numbers, dates of birth, residential addresses, liquid net worth figures, annual income details, and investment advisory notes. Client contracts, legal documentation, and estate planning records were also compromised. PathStone serves more than 750 wealthy families.
Why It Matters
This breach is part of a broader ShinyHunters campaign targeting major U.S. wealth management firms, including Mercer Advisors and Beacon Pointe Advisors. The attack method — social engineering against help-desk personnel rather than exploiting software vulnerabilities — highlights systemic risks in how financial firms secure cloud access. The scale of exposed financial intelligence creates serious risks of targeted fraud and impersonation for high-net-worth individuals.
What You Should Do
If you are a PathStone client, monitor your credit reports and consider placing a credit freeze with all three bureaus (Equifax, Experian, TransUnion). Be alert for phishing attempts that reference your financial details, as the stolen data could enable highly targeted scams. Contact PathStone directly to ask whether your data was affected and what remediation they are offering.
Summary generated from verified sources and reviewed before publication. How we summarize.