News
Conrad Capital Management data breach exposes Social Security numbers and financial data
BlogBreachesResourcesNews
Conrad Capital Management data breach exposes Social Security numbers and financial data

Conrad Capital Management data breach exposes Social Security numbers and financial data

UpGuard Team
UpGuard Team
April 16, 2026

Key facts: Conrad Capital Management data breach

  • Date occurred: November 11, 2025
  • Date discovered: April 6, 2026
  • Date reported: April 15, 2026
  • Target entity: Conrad Capital Management
  • Source of breach: Unknown, unauthorized third-party
  • Data types: Names, Social Security numbers, driver’s license numbers, financial account numbers, tax identification numbers
  • Status: Confirmed; reported on April 15, 2026.
  • Severity: Medium; exposure of highly sensitive personally identifiable information (PII) for 258 individuals.

What happened in the Conrad Capital Management data breach?

Conrad Capital Management (conradcapital.com) reported a data breach on April 15, 2026, after discovering that an unauthorized third party had gained access to its network. The unauthorized access occurred over a period of several months, spanning from November 11, 2025, to March 8, 2026. The incident was officially identified by the organization on April 6, 2026, leading to a forensic review of the compromised files.

The breach involved sensitive files containing the personal information of 258 individuals. The data types exposed include names, Social Security numbers, driver’s license numbers, financial account numbers, and tax identification numbers. The medium-severity rating is attributed to the highly sensitive nature of the data, which could be exploited for identity theft or financial fraud. Such incidents typically place affected individuals at risk of targeted phishing and credential abuse.

Who is behind the incident?

The attacker or cause of the incident has not been identified.

Impact and risks for Conrad Capital Management customers

The exposure of Social Security numbers, financial account numbers, and tax identification numbers poses a significant risk to the 258 affected individuals. This specific combination of data is highly valuable to cybercriminals, who may use it to conduct identity theft, file fraudulent tax returns, or attempt to compromise other financial accounts. There is also a risk that the information could be used in sophisticated social engineering attacks or phishing campaigns designed to extract further sensitive details.

Typical outcomes of such breaches include unauthorized financial transactions and long-term identity management challenges. Impacted individuals are advised to monitor their financial statements closely, place fraud alerts on their credit reports, and utilize identity theft protection services. Transparency from the organization regarding the timeline of the breach helps affected parties take timely action to secure their personal information.

How to protect against similar security incidents

In light of the Conrad Capital Management breach involving Social Security numbers and financial data, affected individuals should take immediate steps to safeguard their personal information.

  • Monitor credit and financial statements. Regularly review bank and credit card statements for any unauthorized or suspicious transactions. Enroll in a credit monitoring service to receive immediate alerts regarding new accounts opened in your name.
  • Place a credit freeze or fraud alert. Contact the three major credit bureaus—Equifax, Experian, and TransUnion—to place a freeze on your credit files. A credit freeze prevents lenders from accessing your credit report, making it significantly harder for identity thieves to open new accounts.
  • Secure accounts with phishing-resistant MFA. Enable multi-factor authentication (MFA) on all financial, email, and sensitive accounts. Use authenticator apps or hardware security keys rather than SMS-based codes to better protect against credential interception.
  • Implement continuous attack surface monitoring. Organizations should utilize attack surface management tools to identify and secure exposed assets. Continuous monitoring helps detect unauthorized network access and vulnerabilities before they can be exploited by third parties.

Taking proactive measures like monitoring credit and securing accounts with MFA is essential for mitigating the risks associated with the exposure of sensitive PII.

Frequently asked questions

What happened in the Conrad Capital Mangaement security breach?

On April 15, 2026, Conrad Capital Management (conradcapital.com) disclosed a security breach. According to initial reports, an unauthorized person accessed the company's network between November 11, 2025, and March 8, 2026, compromising files that contained sensitive personal and financial information for 258 individuals.

When did the Conrad Capital Management breach occur?

The Conrad Capital Management breach was publicly reported on April 15, 2026. The unauthorized access took place from November 11, 2025, to March 8, 2026, and was discovered by the organization on April 6, 2026.

What data was exposed?

The types of data involved in the Conrad Capital Management incident include names, Social Security numbers, driver’s license numbers, financial account numbers, and tax identification numbers.

Is my personal information at risk?

If you interacted with Conrad Capital Management, there's a possibility your personal information could be affected. Similar incidents often involve email addresses, login details, or financial records. Stay alert for updates and take precautionary measures to secure your accounts.

What steps should companies take after being breached?

Conrad Capital Management has sent notification letters to the 258 impacted individuals and is currently reviewing its security measures to prevent future incidents. Organizations typically respond to such breaches by securing their systems, notifying affected parties, and deploying enhanced monitoring tools like attack surface management.

This cybersecurity news article is powered by UpGuard Breach Risk — continuous attack surface monitoring for your organisation and supply chain.

How secure is ?

  • Check icon
    View our free preliminary report on ’s security posture
  • Check icon
    13 risk factors, including email security, SSL, DNS health, open ports and common vulnerabilities
View 's score
View score
Security ratings
Deliver icon

Sign up for our newsletter

UpGuard's monthly newsletter cuts through the noise and brings you what matters most: our breaking research, in-depth analysis of emerging threats, and actionable strategic insights.

Latest news

Stay up-to-date with the latest news in cybersecurity.
Smith Douglas M. CPA data breach exposes Social Security numbers and bank details

Smith Douglas M. CPA data breach exposes Social Security numbers and bank details

A data breach involving Smith Douglas M. CPA was reported in April 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
April 15, 2026
Inditex data breach: key facts and what we know so far

Inditex data breach: key facts and what we know so far

A data breach involving Inditex was reported in April 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
April 15, 2026
TruView BSI data breach: key facts and what we know so far

TruView BSI data breach: key facts and what we know so far

A data breach involving TruView BSI was reported in April 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
April 15, 2026
Phoenix Art Museum data breach: names and Social Security numbers compromised

Phoenix Art Museum data breach: names and Social Security numbers compromised

A data breach involving Phoenix Art Museum was reported in April 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
April 15, 2026
Handala claims Dubai Land Department data breach affecting classified documents

Handala claims Dubai Land Department data breach affecting classified documents

A data breach involving Dubai Land Department was reported in April 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
April 11, 2026
Spring Lake Park Schools Suffers Ransomware Attack

Spring Lake Park Schools Suffers Ransomware Attack

A data breach involving Spring Lake Park Schools was reported in April 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
April 13, 2026
View all news
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

Protect your organization

Get in touch or book a free demo.
Contact sales
Free demo
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Free score
Website Security scan resultsWebsite Security scan rating