Back to news
Cybersecurity Alert
June 14, 2026 by EmailMeNow IT Consulting

Financial Services Breaches in State AG Reports: 2026 Cross-State Tracker

Texas and Washington AG breach data show 88 financial-services notices in 2026 YTD (74 TX, 14 WA), affecting 1,438,936 residents where counts are published. GLBA and Safeguards Rule context.

Source: State Attorney General Breach Portals

FinancialBankCredit UnionData BreachTexasWashingtonState AG
Financial services data breach tracker across Texas and Washington state AG portals in 2026

Banks, credit unions, mortgage lenders, and wealth advisors appear regularly in state Attorney General breach filings. Texas and Washington both publish residents-affected counts, making it possible to compare financial-sector exposure side by side.

Texas Financial Services Breaches (2026)

Interactive Tracker

Texas Financial Services Breaches: 2026 OAG Reports

Texans affected by 2026 breach notices from banks, credit unions, and financial firms, by month

Data current through Jul 3, 2026
2026 YTD reports 74
Texans affected 1.2M
Largest report 501K
Jan
112.2K
Feb
31.6K
Mar
159.7K
Apr
37.9K
May
327.4K
Jun
564K
Jul MTD
1.3K
Show largest 2026 financial-services breach reports
Entity Published Texans affected Sector
AssuranceAmerica Managing General Agency, LLC Jun 26, 2026 500,987 Financial
Frost Bank May 20, 2026 191,848 Financial
Gulshan Management Services, Inc. Mar 16, 2026 128,652 Financial
Texas Capital May 29, 2026 86,067 PII / Identity
Decisely Insurance Services Jan 5, 2026 59,740 Financial

Source: Texas Attorney General - Data Security Breach Reports, industry-filtered. Data current through Jul 3, 2026.

Sources

State AG breach portals

State AG reporting & notices

Notable Texas Financial Institutions

InstitutionTexans AffectedDate Published
AssuranceAmerica Managing General Agency, LLC500,987Jun 26, 2026
Frost Bank191,848May 20, 2026
Gulshan Management Services, Inc.128,652Mar 16, 2026
Texas Capital86,067May 29, 2026
Decisely Insurance Services59,740Jan 5, 2026

See also our Texas banks and credit unions OAG coverage and MemberSource breach write-up.

Washington Financial Services Breaches (2026)

Interactive Tracker

Washington Financial Services Breaches: 2026 AG Reports

Washingtonians affected by 2026 breach notices from banks, credit unions, and financial firms, by month

Data current through Jun 12, 2026
2026 YTD reports 14
Washingtonians affected 204.9K
Largest report 168.5K
Mar
7.5K
Apr
178K
May
7K
Jun
12.4K
Show largest 2026 Washington financial-services breach reports
Entity Published Washingtonians affected Sector
Heritage Bank Apr 23, 2026 168,505 Financial
Plaza Home Mortgage Inc. Jun 5, 2026 9,598 PII / Identity
Mercer Advisors Inc. Mar 31, 2026 7,470 Financial
Texas Capital May 28, 2026 5,134 PII / Identity
Alaska Air Group Federal Credit Union Apr 17, 2026 5,092 Financial

Source: Washington State Attorney General - Data Breach Notifications, industry-filtered. Data current through Jun 12, 2026.

Sources

Notable Washington Financial Institutions

InstitutionWashingtonians AffectedDate Published
Heritage Bank168,505Apr 23, 2026
Alaska Air Group Federal Credit Union5,092Apr 17, 2026
Hightower Holding, LLC7,528Mar 23, 2026
Mercer Advisors Inc.7,470Mar 31, 2026
EP Wealth Advisors, LLC2,313Mar 21, 2026
Plaza Home Mortgage Inc.9,598Jun 5, 2026

California AG List (No Affected Counts)

California’s public breach list does not include resident-affected totals. Financial-sector entries in 2026 include Figure Technology Solutions (on behalf of Figure Lending and related entities) and insurance marketing firms. Monitor the California AG breach list for newly listed institutions.

Compliance Context

GLBA and the FTC Safeguards Rule require documented safeguards for customer nonpublic personal information. Weak email authentication enables impersonation, phishing, and fraudulent transfer requests — common precursors to breach notifications.

Check your institution’s posture at audit.emailmenow.com/?industry=financial-advisors.

Recommendations

  • Enforce DMARC, strict SPF, and DKIM signing.
  • Require MFA on email, wire-transfer, and core banking systems.
  • Maintain a documented safeguards program with recurring security awareness training.