Data Breach

On November 29, 2025, MOA became aware of suspicious activity within its systems. MOA
immediately launched an investigation with third party specialists to confirm the nature and scope of the activity The investigation determined that certain files in the MOA network environment
were accessed or copied without authorization from MOA between November 14, 2025, and November 29, 2025. MOA thereafter undertook a thorough, time intensive review of the
potentially impacted records to determine what information was potentially impacted, to whom the information related, and to identify contact information for purposes of providing notifications.
That review recently concluded
The information that could have been subject to unauthorized access includes name, Social
Security number, and driver's license number.Mullen.law
Office of the New Hampshire Attorney General
March 23, 2026

Page 2
Notice to New Hampshire Residents
On or about March 23, 2026, MOA provided written notice of this incident to four (4) New
Hampshire residents. Written notice is being provided in substantially the same form as the letter

attached here as Exhibit A.
Other Steps Taken and To Be Taken
Upon discovering the event, MOA moved quickly to investigate and respond to the incident, assess the security of MOA systems, and identify potentially affected individuals. Further, MOA notified
federal law enforcement regarding the event. MOA is also working to implement additional safeguards and training to its employees. MOA is providing access to credit monitoring services
for twelve (12) months, through Experian, to individuals whose personal information was
potentially affected by this incident, at no cost to these individuals.
Additionally, MOA is providing impacted individuals with guidance on how to better protect
against identity theft and fraud, including advising individuals to report any suspected incidents of
identity theft or fraud to their credit card company and/or bank. MOA is providing individuals
with information on how to place a fraud alert and security freeze on their credit files; the contact
details for the national consumer reporting agencies; information on how to obtain a free credit
report; a reminder to remain vigilant for incidents of fraud and identity theft by reviewing account
statements and monitoring free credit reports; and encouragement to contact the Federal Trade
Commission, their state Attorney General, and law enforcement to report attempted or actual
identity theft and fraud.
MOA is providing written notice of this inci

#Data

Comment! It's anonymous!

16 replies (most recent on top)

@3cw the firm needed to report within 30-60 days max. it hid behind the cloak of investigating but that is violation of Maine law. also, the firm never told its own employees. hid it from it own layer of trust

@2tw moa dragged its feet reporting this to the state of maine. Not a good look & bad lega.l advice

The FBI’s latest Internet Crime Complaint Center (IC3) report reveals that cybercrime losses in the U.S. surged to nearly $21 billion in 2025, setting a new record and marking a dramatic jump from the already staggering $16.6 billion reported for 2024.

Scams are becoming more sophisticated, more scalable, and far more profitable than ever.

Key takeaways

Cybercrime losses reached ~$21 billion in 2025, a new record
Complaints surpassed 1 million cases for the first time
Investment scams, phishing, and extortion remain top threats
Older adults lost $7.7 billion, the most of any age group
AI and cryptocurrency are accelerating scam effectiveness
A record year for cybercrime

The IC3 received over 1 million complaints in 2025, a sharp increase from roughly 860,000 the previous year.

But what’s more concerning is not just the volume—it’s the impact. Losses have outstripped complaints, signaling that attackers are getting better at extracting larger sums per victim.

Cyber-enabled fraud now accounts for the vast majority of losses, with tactics that blend social engineering, impersonation, and increasingly convincing digital deception.

The biggest threats: investment scams, phishing and BEC

Investment scams—especially those tied to cryptocurrency—continue to inflict the most financial damage. Victims are lured with promises of high returns, often through highly personalized outreach.

Other top categories include:

Phishing and spoofing: still the most reported attack type
Extortion schemes: including ransomware and s-xtortion
Business Email Compromise (BEC): a persistent, high-loss threat targeting organizations
These scams are part of highly organized, global cybercrime operations, according to the bureau.

Seniors hit the hardest

One of the most troubling findings: people over the age of 60 suffered $7.7 billion in losses, a 37% increase year over year.

This group remains a prime target due to a mix of factors, including accumulated savings, lower familiarity with emerging scams and greater trust in digital communications.

AI is supercharging scams

In 2025, IC3 received more than 22,000 complaints reporting AI-related information. Citizens reported $893 million in losses, according to the report.

While phishing and fraud are nothing new, artificial intelligence is making them far more dangerous. Cybercriminals are now leveraging AI heavily to:

Craft highly convincing messages at scale
Clone voices and create deepfake videos
Automate interactions with victims in real time
“AI technology enables the creation of convincing synthetic content, such as social media profiles and personalized conversations, often in mass quantities,” the report notes. “People have manipulated video and audio similarly for decades, but the widespread availability of this developing technology makes it possible to create high-quality content. AI-enabled synthetic content is becoming increasingly difficult to detect and easier to make, which allows criminal actors to potentially conduct successful fraud schemes against individuals, businesses, and financial institutions.”

This dramatically lowers the barrier to entry and increases success rates, turning small-time scammers into highly effective operators.

@1vf big meeting today at white house on cybersecurity. AI is the existential threat which out MOA out of business for absolute good.

Is Mutual of America royally f.cuked ? How about banks ? Investment Firms ? Will they be ready ? Super scary stuff. Is it time to get the $$$ out and put under matress ? To quote biden, it's not a joke:

The next wave of AI-powered cybersecurity attacks will be like nothing we’ve seen before.

That’s the message AI company Anthropic sent in a leaked blog post last week, in which it warned that its upcoming AI model, called Mythos, and others like it can exploit vulnerabilities at an unprecedented pace.

And it’s not the only one: OpenAI warned in December that its upcoming models posed a “high” cybersecurity risk. Experts have already said AI can amplify existing dangers and rapidly generate new software hacks.

But the rise of AI agents, or AI assistants that can carry out tasks autonomously, takes that risk to another level, some experts warn. A single AI agent could scan for vulnerabilities and potentially take advantage of them faster and more persistently than hundreds of human hackers.

“The agentic attackers are coming,” said Shlomo Kramer, founder and CEO of cybersecurity and networking company Cato Networks. “This is a watershed event in the history of cybersecurity.”

The “Mythos” leak

Details about Mythos leaked in an unpublished blog post first reported on by Fortune. Anthropic did not respond to CNN’s request for comment. But the company told Fortune the leak was a result of human error within its content management system.

“Although Mythos is currently far ahead of any other AI model in cyber capabilities, it presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders,” Anthropic said in the draft.

The company is letting certain organizations test the model ahead of time to improve their systems “against the impending wave of AI-driven exploits,” it said.

Anthropic is also privately warning government officials about the potential for large-scale cyberattacks enabled by Mythos, according to Axios.

But every lab’s next model will pose increasingly severe cybersecurity threats, Kramer told CNN.

“Behind Mythos is the next OpenAI model, and the next Google Gemini, and a few months behind them are the open-source Chinese models,” he said.

@1g9 ok. you win. Lawyer fees are $750K ?!?!?!

@1fk 100% false.

@1fj yup. Lawyer fees $500,000 !!

@1bz how many people sign up for that credit monitoring offer ? i've heard less than 10% sign up. this might turn into a cl-as.s-ax-son lawsuit. Settlement around $100k-$250k i recon.

@1bz representing $3.14M in assets.

Heard it impacted less than 2000 people.

@qa lets say it impacted 3,500. The company has to pay $50 each for credit monitoring and only 2 people will actually sign up for the free monitoring.

It sounds like the data breach only impacted a few thousand people.

https://www.federmanlaw.com/blog/mutual-of-america-financial-group-data-breach-investigated-by-federman-sherwood/

time to take all your money out and place it under mattress with a 'h.ot b.londe' on top of it

https://www.claimdepot.com/investigations/mutual-of-america-data-breach-2026

Thread regarding Mutual of America Life layoffs

Data Breach

16 replies (most recent on top)

Post a reply