LPL Financial Breach: Phishing Attack Leads to Unauthorized Client Trades

LPL Financial LLC, an American brokerage and advisory firm, reports a data breach that involved unauthorized securities transactions and financial transfers within client accounts. 

Attackers used phishing messages to deliver malware to individual advisor devices between November 10 and November 25, 2025. This malware allowed the threat actors to capture credentials or session access, enabling them to log into LPL’s web-based advisor portal. 

The compromised data includes:

• Full names
• Personal identifiers
• Account transaction history
• Financial transfer records

The number of affected individuals is 1,581. 

LPL Financial reports that it contained the unauthorized activity and secured all affected accounts on November 20, 2025 and confirmed that all impacted accounts were restored to their original financial positions. 

The firm notified law enforcement and engaged external cybersecurity experts to conduct an investigation. The company is offering affected clients 24 months of free credit monitoring and identity theft protection services.