Investment research data breach exposes 12 million customers

Security incidents affecting financial institutions are becoming increasingly common, whether they involve banks, fintech companies or investment research firms. 

The Zacks Investment breach first came to light in late January 2025 when a hacker known as "Jurak" claimed on BreachForums that they had gained access to Zacks' systems as early as June 2024. 

Further investigation confirmed the breach occurred in June 2024, exposing 12 million unique email addresses and other personal data. The fact that the attacker managed to gain domain admin access suggests a highly sophisticated attack, potentially exploiting vulnerabilities in Zacks' network security. 

The Zacks Investment data breach, confirmed by Have I Been Pwned (HIBP), exposed a range of sensitive user information, putting those affected at risk. The leaked data includes email addresses, IP addresses, names, phone numbers, physical addresses, usernames, and unsalted SHA-256 hashed passwords.

This kind of information can be misused for phishing, identity theft, credential stuffing, harassment, SIM swapping and even physical threats. Alarmingly, 93% of the leaked email addresses had already been exposed in previous breaches, making reused passwords an even bigger problem. The use of unsalted SHA-256 hashes - widely considered outdated - only adds to the risk, making it easier for attackers to crack passwords and compromise accounts.

Despite the severity of the breach, Zacks Investment Research has yet to release an official statement as of February 2025. The lack of transparency is troubling, especially considering the scale of the breach and Zacks' history with security incidents.

The Zacks Investment breach highlights just how real the threat of cyberattacks is for financial institutions. With millions of users affected and personal data exposed, the risks of scams and identity theft are higher than ever. The fact that Zacks hasn't said much about the breach only adds to the uncertainty for those impacted. As these types of attacks become more common, it's more important than ever to stay on top of your online security - use unique passwords, keep an eye on your accounts, and stay alert for any signs of suspicious activity.

Follow Kurt on his social channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.