.png)
Affordable Mortgage Advisors Breach Exposes PII and PHI Including SSNs
On May 16, 2025, Affordable Mortgage Advisors (AMA), which operates under the trade name HMA Mortgage, discovered that an unauthorized actor had accessed its systems.
The company’s investigation, conducted with the help of outside cybersecurity professionals, revealed that the breach occurred over a three-week period between April 25 and May 15, 2025. During this time, certain files on the company’s network were accessed or acquired by the unauthorized party.
The compromised data includes personally identifiable information such as full names, Social Security numbers, passport numbers, taxpayer identification numbers, digital signatures, biometric information, dates of birth and banking or financial account details.
In addition, some files contained protected health information, including health insurance details and medical information.
As of November 25, 2025, Affordable Mortgage Advisors confirmed the scope of the breach and began notifying affected individuals. The total number of individuals affected is 3,025.
The company has posted a notice of the incident on its website. The attorneys general office of Indiana and Massachusetts was notified.
Affordable Mortgage Advisors' response
To support those impacted, the company has established a dedicated toll-free response line at 800-425-7328, available Monday through Friday, 9 a.m. to 9 p.m. Eastern Time, excluding major U.S. holidays. Individuals who believe they may be affected can call this number for more information or to determine if they are eligible for credit monitoring services.
Affordable Mortgage Advisors is also providing detailed guidance on protecting personal information. Affected individuals are encouraged to:
- Place a fraud alert on their credit files with the major credit bureaus
- Consider placing a security freeze on their credit reports to prevent new accounts from being opened in their name
- Obtain and review free credit reports for suspicious activity
- Monitor financial account statements and credit reports for irregular activity over the next 12 to 24 months
- Contact their financial institution if their banking or credit card information was involved
Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info- Affected information types not yet disclosed
Data Breach Settlements
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
Subscribe to our weekly class actions newsletter.
.svg)