Mutual of America Financial Group Data Breach Investigation
According to a filing with the Maine Attorney General, Mutual of America Life Insurance Company dba Mutual of America Financial Group reported a data security incident described as an external system breach (hacking). The filing says the event was discovered on February 23, 2026, and that written notices were sent on March 23, 2026. Available information indicates the incident may have involved sensitive data, including names and Social Security numbers, and the company reportedly offered 12 months of Experian credit monitoring and identity restoration services. If you received a notice and want to understand your options, you can fill out the form on this page to see whether you may qualify for a claim.
Mutual of America Life Insurance Company, doing business as Mutual of America Financial Group, is a New York-based insurance company. Public regulatory information indicates the company reported a data security incident affecting information stored on its network.
Key Facts at a Glance
- Company: Mutual of America Life Insurance Company dba Mutual of America Financial Group
- Industry: Insurance
- Location listed in filing: New York, New York
- Incident type: Reported external system breach (hacking)
- Incident date: According to the Maine filing, November 14, 2025
- Discovery date: February 23, 2026
- Notice date: Written notices were reportedly sent on March 23, 2026
- Information that may have been involved: Name and Social Security number
- Affected count: Not publicly listed in the available filing
- Identity protection offered: 12 months of Experian credit monitoring and identity restoration services
- Source of public information: Maine Attorney General filing
What Happened?
According to a filing posted by the Maine Attorney General, the company reported a data security incident described as an “external system breach (hacking).” The filing lists November 14, 2025 as the date the event occurred, says it was discovered on February 23, 2026, and states that written notice to consumers was provided on March 23, 2026.
The public filing reviewed here does not list a total number of affected individuals, so the overall scope is not clear from that source alone. If you received a letter, that notice may contain additional information specific to your situation, including enrollment details for any protection services.
What Information Was Exposed?
Available regulatory information indicates the incident may have involved personal information such as a person’s name and Social Security number. The public Maine filing does not provide a fuller itemized description, so affected individuals should review any notice they received closely rather than assume the exact same data elements were involved for everyone.
When a Social Security number may have been involved, the main concerns usually include identity theft, fraudulent account activity, or misuse of personal information over time. That makes it important to watch your records and take advantage of any monitoring or restoration services offered.
What Should You Do Next?
- Read your notice carefully. Confirm what the letter says about the information involved, the date of notice, and any deadlines to enroll in free protection services.
- Enroll in the offered protection. The Maine filing states that 12 months of Experian credit monitoring and identity restoration services were offered. If you are eligible, enrolling promptly may help you identify suspicious activity sooner.
- Review your credit reports. Look for accounts, inquiries, or address changes you do not recognize. You can also consider placing a fraud alert or security freeze if you are concerned about identity theft.
- Monitor your accounts and mail. Watch bank statements, tax records, insurance-related communications, and other mail for unfamiliar activity.
- Keep records. Save the notice letter, enrollment confirmations, screenshots, claim numbers, and notes about time spent dealing with the issue. Good records may help if problems arise later.
- Ask questions if you need guidance. If you received a notice and want to understand your options, you can fill out the form on this page to see whether you may qualify for a claim.
Your Legal Rights
People affected by a reported data security incident may have legal rights, but those rights depend on the facts. In some situations, individuals may seek relief related to out-of-pocket losses, time spent addressing fraud issues, or the burden of protecting sensitive information after an incident.
Whether any claim exists can depend on what data was involved, what safeguards were in place, and whether misuse or other harm occurred. A lawyer can review the available facts and explain potential options in plain English, without making assumptions that may not fit your situation.
Why Hire Strauss Borrelli PLLC?
Strauss Borrelli PLLC represents individuals in data breach and privacy incident matters and investigates whether companies used reasonable security measures and provided appropriate notice. Our team focuses on clear communication, practical next steps, and efficient case evaluation for people dealing with uncertainty after a reported incident.
If you received a notice connected to this Mutual of America matter, Strauss Borrelli PLLC can review the reported facts, answer general questions about the claims process, and help you understand whether it makes sense to pursue action. Contact us using the form provided to request a no-obligation review.
Find out if you qualify for compensation
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
Frequently Asked Questions
Did Mutual of America report a data incident?
Yes. According to a filing posted by the Maine Attorney General, Mutual of America Life Insurance Company reported an external system breach, described as hacking, and said written notices were sent on March 23, 2026.
What information may have been involved in the Mutual of America incident?
Available regulatory information indicates the incident may have involved names and Social Security numbers. The public filing does not provide a fuller itemized list, so affected people should review any notice they received carefully.
Was free credit monitoring offered?
Yes. The Maine filing states that 12 months of Experian credit monitoring and identity restoration services were offered to affected individuals.
What should I do if I received a notice from Mutual of America?
If you received a notice, consider enrolling in any free protection services, reviewing your credit reports, monitoring your accounts, and keeping the letter for your records. You may also speak with a lawyer about whether the reported incident could affect your rights.
Can I take legal action over the reported incident?
Possibly. Whether a legal claim exists depends on facts such as what information was involved, whether misuse occurred, and what duties applied to the company. A lawyer can assess the notice and your circumstances.
