Minnesota Lawyers Mutual Insurance Data Breach Exposes Social Security Numbers

On or around March 23, 2025, Minnesota Lawyers Mutual Insurance Company (MLM) discovered a data breach after detecting a network disruption in its environment. The company immediately launched a comprehensive investigation with the help of cybersecurity specialists, which determined that certain computer systems were subject to unauthorized access between Feb. 20, 2025, and March 23, 2025. During this period, data was downloaded from a subset of those systems.

The breach is especially severe due to the nature and volume of the data involved. The ransomware group HUNTERS INTERNATIONAL claimed responsibility for the attack, stating they obtained 383.7 GB of the organization’s data and posted details about the breach on the Tor network.

The exposed information is extensive and highly sensitive, including full name, address, Social Security number, driver’s license number, taxpayer ID number, financial account information, payment card information, medical information and health insurance information. This means both personally identifiable information (PII) and protected health information (PHI) were potentially compromised.

MLM recently concluded a detailed review to determine what information was contained in the impacted files and to identify the individuals affected. As of July 21, 2025, the company reported the breach to the Massachusetts Attorney General’s office, confirming that 58 Massachusetts residents were affected.

The full disclosure is available through the Massachusetts Attorney General’s data breach portal. The company has also posted a notice about the breach on its website.

Minnesota Lawyers Mutual Insurance Company's response

Upon learning of the incident, MLM acted quickly to secure its systems and launched an internal and third-party investigation to assess the scope of the breach. The company has since evaluated and enhanced its technical and administrative safeguards to help prevent similar incidents in the future. MLM has notified potentially affected individuals and regulatory authorities as required by law.

To support those affected, MLM is offering 24 months of complimentary credit monitoring and identity theft restoration services through Experian. Impacted individuals can enroll in Experian IdentityWorks for credit monitoring, identity restoration and up to $1 million in identity theft insurance. Instructions for enrollment and activation codes have been provided in the consumer notice.

Given the method and severity of the breach—specifically, the involvement of a ransomware group and the theft of both PII and PHI—affected individuals are strongly encouraged to:

• Enroll in the free credit monitoring and identity restoration services offered by MLM
• Review account statements and credit reports for suspicious activity
• Consider placing a fraud alert or credit freeze with the major credit bureaus
• Report any suspected identity theft to law enforcement and the Federal Trade Commission

Additional details and resources are included in the official notice to consumers, which is available at the bottom of this page.

More details about the company and its services can be found on the MLM website.