What Happened
In October 2025, a threat actor advertised for sale on cybercrime forums a database containing approximately 1.5 million records from Stansberry Research (stansberryresearch.com), a financial research firm, with the data later resurfacing in a February 2026 dark web leak reported as involving around 1 million records of subscriber personally identifiable information (PII), including full names, physical addresses, mobile phone numbers, personal email addresses, and internal user IDs linked to affiliates like TradeSmith and Agora Financial. The breach likely stemmed from a shared marketing or CRM system vulnerability within the parent MarketWise group, exposing a significant portion of Stansberry’s global subscriber base (over 1 million active users) and enabling risks like targeted phishing, vishing, SMS scams, and credential stuffing against high-value investor profiles. No official confirmation from Stansberry Research appears in available reports, and earlier references (e.g., 2020 SolarWinds) are unrelated.
