// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-hibpDTG 0600Z
ColdRecon / Breach Radar / Ameriprise
Breach Record

Ameriprise

DISCLOSED 2026-03-02 · STOLEN CREDS · 502,597 RECORDS EXPOSED

In March 2026, the financial services firm Ameriprise Financial was named by the ShinyHunters group in a "pay or leak" extortion campaign. The group claimed possession of more than 200GB of compressed data exfiltrated from Ameriprise's Salesforce environment and internal SharePoint infrastructure, and subsequently published the data after negotiations allegedly failed. The...

The record

What we know

Disclosed
2026-03-02
Attack vector
Stolen Creds
Records exposed
502,597
Domain
ameriprise.com
Data classes exposed
Email addressesEmployersFinancial transactionsJob titlesNamesPhone numbersPhysical addresses
Sources

Cited reporting

Similar vector · recent

Other stolen creds breaches on file

This page is the permanent ColdRecon entry for the Ameriprise disclosure. It updates if new public reporting emerges. All tracked breaches →

Ameriprise just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →