Mutual of America Life Insurance is a large-scale insurance company based in Manhattan, New York. The company serves customers all over the United States and manages a substantial amount of data for customers. The company recently suffered from a data breach that released some customer data to the public.
The Mutual of America Life Insurance breach occurred because the company changed the size of its mailing envelopes and accidentally made insurance recipient information viewable through the window of the envelope without the need for opening the document. This mistake made it possible for others to view a small amount of personal data just by looking at the mailing envelopes for anyone requesting a profile or beneficiary change on their account.
The Mutual of America breach first occurred on August 25, 2022, and persisted until January 9, 2023. During that time, customer data may have been visible to anyone handling the envelopes for the specific documents mentioned above.
This insurance data breach impacts all customers that requested a profile change or a beneficiary change. The letter mailed out, including the required forms, gave away the data listed above. While the data isn't necessarily harmful, it is a breach of confidence and an issue for customers that don't want their information shared.
Mutual of America didn't share any files in the data breach. Instead, details were visible on mailed envelopes. No digital files were ever vulnerable in this breach, and customers that didn't receive forms for beneficiary changes or profile changes won't have suffered a data breach at all.