Investment & Securities Fraud Lawyer
Call Now For a Free Consultation: 614-532-4576 Nationwide Representation
614-532-4576 Nationwide Representation
Call Now For a Free Case Consultation

Osaic and Securities America Fined by FINRA For Cybersecurity Failures

Call to Action Case Results Team Page Fill Out Form
David Meyer
REVIEWED BY David MeyerMarch 14, 2025
On This Page
  1. FINRA Fines and Cybersecurity Breaches at Osaic Wealth and Securities America
  2. Post-Breach Responses by Osaic and Securities America
  3. Meyer Wilson's Role in Addressing Cybersecurity Breaches
  4. Frequently Asked Questions

FINRA has fined Osaic Wealth and Securities America $150,000 each for cybersecurity lapses that exposed the personal and financial information of over 32,000 clients. In a rapidly changing digital environment, broker-dealers must effectively protect sensitive client data to comply with regulations and protect investors. When financial institutions fail to protect sensitive client data, investors are left vulnerable to fraud, identity theft, and financial losses.

If your data was compromised through Osaic Wealth, Securities America, or another brokerage firm, don’t hesitate to reach out to Meyer Wilson today. Our attorneys are experienced in securities fraud cases and will help to guide you through the process with a free consultation to determine whether your losses are the result of actionable misconduct.

FINRA Fines and Cybersecurity Breaches at Osaic Wealth and Securities America

A diagram shows several of the key lapses in cybersecurity that occurred at Osaic Wealth and Securities America, resulting in censures and fines.

Key Causes of the Cybersecurity Failures

Between January 2021 and March 2023, Osaic Wealth experienced 16 cyber intrusions affecting around 28,000 customers, while Securities America faced eight breaches compromising about 4,640 clients. Despite prior warnings from regulators, both firms allowed individual branch offices to dictate their own security practices, leading to inconsistent protections and major vulnerabilities. The lapses in security included:

  • Lack of Multi-Factor Authentication – Unauthorized access to email accounts was possible because security measures were too weak.

  • Unencrypted Outbound Emails – Sensitive client information, including Social Security numbers and bank details, was transmitted without proper encryption.

  • No Email Access Logs – Without logs to monitor unauthorized access, cyber intrusions went undetected for extended periods.

Regulators had flagged these issues before, but the firms failed to enforce consistent protections across their networks. This negligence increased the risk of repeated breaches and put thousands of investors at risk.

What Information Was Exposed?

If you were a client of Osaic Wealth or Securities America, your private financial information may have been compromised. The breaches exposed personally identifiable information (PII), which cybercriminals can use to commit fraud. In total, over 32,000 individuals across the two firms had private financial or personal data exposed.

Stolen data included:

  • Social Security numbers

  • Bank account details

  • Driver’s license information

Such data can be exploited for identity theft, unauthorized transactions, and financial fraud. While some financial institutions offer credit monitoring services after breaches, neither firm publicly confirmed whether they took this step to protect affected clients.

FINRA’s Penalties and the Impact on Investors

FINRA fined Osaic Wealth and Securities America $150,000 each and issued public censures, citing breaches of supervisory obligations. However, these penalties do little to compensate the investors who were directly impacted by the breaches.

For investors, the risks extend beyond potential identity theft:

  • Loss of Trust in Financial Institutions – A firm’s failure to secure personal data can erode confidence in its ability to manage investments responsibly.

  • Potential Financial Losses – Stolen data can lead to fraudulent withdrawals or unauthorized financial transactions.

  • Complicated Resolution Processes – Investors often must navigate time-consuming procedures to freeze accounts, dispute fraudulent transactions, and restore their financial security.

Investment & Securities Fraud Lawyer

We Have Recovered Over
$350 Million for Our Clients Nationwide.

Call Us Today 614-532-4576

Post-Breach Responses by Osaic and Securities America

A picture of a Meyer Wilson paralegal is shown to symbolize that Meyer Wilson helps to protect victims of cybersecurity lapses using their whole team.

In the aftermath of these breaches, both firms have implemented cybersecurity improvements. However, these upgrades only came after investors’ data was already compromised.

Steps taken include:

  • Implementing mandatory multi-factor authentication for email accounts

  • Encrypting outgoing emails containing sensitive client information

  • Establishing centralized cybersecurity policies to prevent branch-level inconsistencies

  • Enhancing monitoring systems with detailed email access logs

Additionally, Osaic Wealth is undergoing a broader rebranding effort, consolidating multiple broker-dealers under a single entity. While this includes promises of strengthened cybersecurity policies, investors should remain cautious about whether these measures will be consistently enforced.

Meyer Wilson’s Role in Addressing Cybersecurity Breaches

The FINRA fines and censures placed on Osaic Wealth and Securities America show the consequences of inconsistent data safeguards. By placing uniform cybersecurity at the forefront, broker-dealers can better protect investors from potential threats. We realize it can be overwhelming to face questions about how a breach might affect your financial life, especially if the firm didn’t prioritize your data protection.

Data breaches can lead to long-term consequences, and brokerage firms must be held accountable when their negligence puts investors at risk. If you believe your personal or financial information was exposed in these breaches contact our team at Meyer Wilson today. With over 20 years of experience and $350 million in recovered losses for our clients, Meyer Wilson addresses the fallout of brokerage firms that overlook necessary safeguards.

Investment & Securities Fraud Lawyer

Our lawyers are nationwide leaders in investment fraud cases.

Call Us Today 614-532-4576

Frequently Asked Questions

Why Were Osaic and Securities America Fined?

They failed to implement adequate cybersecurity measures, including multi-factor authentication and encryption for emails containing sensitive information. These shortcomings allowed unauthorized access to client data, prompting FINRA to levy fines and issue public censures. The firms also faced additional scrutiny for not enforcing uniform controls across their branch offices.

What Data Was Compromised in the Breaches?

Attackers accessed personally identifiable details such as Social Security numbers, bank account information, and driver’s license data. Criminals could use this information to open new lines of credit, engage in identity theft, or perform other fraudulent activities. Individuals who suspect misuse of their data can monitor their financial accounts, place fraud alerts, and consult with relevant consumer protection agencies.

Investment & Securities Fraud Lawyer

Recovering Losses Caused by Investment Misconduct.

Start Your Free Case Evaluation
The information contained in The Firm’s posts on its blog, fraud alerts, investigations or elsewhere on the site is based upon information obtained from public sources including, but not limited to, news outlets and federal, state, and regulatory agency filings. All suspects and subjects of postings herein are presumed innocent until proven guilty in a court of law or administrative action and any and all crimes are alleged until a court or regulatory agency finds otherwise.
News Blog Posts:

Investment Attorneys File FINRA Complaint Against Jeffrey Kelly

FINRA Complaint Filed Against 3 Ohio Firms A group of alleged Ohio stockbroker fraud victims have filed a complaint with...

OH Grand Jury Charges Former Investment Advisor Jeff Kelly for Ponzi Scheme After FL Arrest

Ohio Grand Jury Charges Jeff Kelly with Orchestrating Ponzi Scheme Defrauding Ohioans from More Than $1.5 Million A former Hilliard...

Houston Businessman Sentenced to 5 Years in Prison for Investment Fraud That Impacted 300+ Victims

James Roland Dial, of Houston, Texas, received a five-year prison sentence earlier this week for conspiring with Evan “Nick” Jarvis,...

The Debate Continues Over Whether Life Settlements Are Really Securities

The SEC's Life Settlements Task Force issued a report recommending that the agency ask Congress to officially categorize life settlements...

We’ll Get Started With These 3 Simple Steps

  1. Connect with a securities fraud attorney from our legal team for a strategic analysis of your claim at no charge. It’s easy to connect with us with a web form, online chat, or phone call.

  2. If you have a strong claim to recover your investment losses, we will send you a client agreement to review and sign hassle-free on your phone, tablet, or computer. All cases are handled on a contingency fee basis.

  3. Once you hire us, we will file your case in a timely manner and keep you informed every step of the way. You choose how to communicate with your securities fraud lawyer: telephone calls, emails, video meetings, or text messages.

We Are Available To Take Your Call 614-532-4576
Investment & Securities Fraud Lawyer Consult With Our Legal Team

There is no cost associated with a case consultation

    You will be contacted by a member of the Investor Claims team within 24 hours. This information is not intended to create, and receipt or viewing does not constitute, an attorney-client relationship.