Mutual of America Data Breach Exposes PII Including SSNs

Mutual of America Life Insurance Co., a financial services company headquartered in Manhattan that provides retirement products and services, disclosed a data breach involving unauthorized access to files within its network.

The breach was reported to the New Hampshire Attorney General on March 23, 2026, with four New Hampshire residents identified as affected.

Mutual of America began notifying affected consumers on or about March 23, 2026.

What happened in the Mutual of America data breach

On Nov. 29, 2025, Mutual of America became aware of suspicious activity within its systems, leading them to launch an investigation to confirm the nature and scope of the activity.

The investigation determined that certain files in the company's network environment were accessed or copied without authorization between Nov. 14, 2025, and Nov. 29, 2025.

After this discovery, Mutual of America undertook a review of the potentially impacted records to determine what information was affected, which individuals were involved and how to reach them for notification purposes. That review recently concluded, nearly four months after the breach was first discovered.

The personal information that may have been exposed includes names, Social Security numbers and driver's license numbers.

Mutual of America's response to the breach

Mutual of America is offering affected individuals 12 months of free credit monitoring through Experian IdentityWorks at no cost.

The credit monitoring service includes a credit report at sign-up, with daily credit reports available for online members. It also provides active monitoring of Experian credit files for signs of fraud, identity restoration support and $1 million in identity theft insurance.

Affected individuals can enroll at the Experian IdentityWorks website using the activation code included in their notification letter. Enrollment must be completed by June 30, 2026.

Identity restoration support is available to affected individuals right away, even before enrolling in the credit monitoring membership. Experian Identity Restoration agents can help investigate and resolve fraud that occurred as a result of the breach, including help with disputing charges, closing fraudulent accounts and contacting government agencies.

Individuals with questions about the incident can call the dedicated assistance line at 883-918-9653, Monday through Friday from 9:00 a.m. to 9:00 p.m. Eastern Time.

Mutual of America is also providing written notice of the breach to relevant state regulators and the three major credit reporting agencies: Equifax, Experian and TransUnion.

Steps to take if your information was exposed

• Place a credit freeze or fraud alert with Equifax (888-298-0045), Experian (888-397-3742) or TransUnion (833-799-5355) to help prevent new accounts from being opened using stolen information.
• Request free credit reports at AnnualCreditReport.com and review them carefully for any unfamiliar accounts, inquiries or errors.
• Monitor bank and credit card statements regularly for unauthorized transactions or other suspicious activity.
• Be cautious of phishing attempts that reference Mutual of America or this data breach by name in emails, phone calls or text messages.
• Report suspected identity theft to the Federal Trade Commission at IdentityTheft.gov or by calling 877-438-4338, and file a police report if fraud occurs.