Skip to content
  • Home
  • Latest Data Breaches
  • Contact Us
  • About Us
  • What You Need to Know
info@databreachrights.com
info@databreachrights.com
  • Home
  • Latest Data Breaches
  • Contact Us
  • About Us
  • What You Need to Know

Melvin Mora & Associates Data Breach Exposes Social Security Numbers and Financial Information

/ Finance / By databreachrights
Finance data breach illustration
Breach Discovery: 25th February 2026Breach Notification: 9th March 2026

What Happened in the Melvin Mora & Associates Data Breach?

Melvin Mora & Associates, Income Tax and Business Services, Inc., a family-owned tax preparation firm based in Pacoima, California, recently confirmed a data breach affecting its clients. The Melvin Mora & Associates data breach involved unauthorized access to sensitive client records. As a result, personal and financial details tied to tax preparation services may have fallen into the wrong hands.

According to information provided to regulators, the unauthorized access occurred between February 20, 2026, and February 25, 2026. During this window, someone gained access to systems containing client data. However, the firm has not publicly disclosed the specific method the attackers used to breach its systems.

The company disclosed the incident to the California Attorney General on March 9, 2026. This notification came shortly after the breach was discovered, suggesting a relatively quick response once the intrusion was identified. Still, the full scope of the investigation, including how the attackers first gained entry, remains unclear based on available information.

Because tax preparation firms handle deeply sensitive financial records, this type of breach carries serious risk. In addition, the lack of detail about the attack method makes it harder for affected clients to gauge exactly how the exposure happened. This uncertainty makes vigilance especially important for anyone who used the firm’s services.

Who was affected?

The breach may affect individuals who used Melvin Mora & Associates for tax preparation or business services. This likely includes current and former clients whose records were stored in the firm’s systems. As a result, anyone who filed taxes or sought business services through the firm during the relevant period could be impacted.

The exact number of individuals affected has not been publicly disclosed. Similarly, the firm has not released details about whether minors or dependents listed on tax returns were also affected. Because tax returns often include information about spouses, dependents, and household members, the actual number of exposed individuals could extend beyond primary account holders.

Given the firm’s location in Pacoima, California, most affected individuals are likely California residents. However, tax preparation clients sometimes include people who have since moved out of state. Therefore, the geographic reach of this breach may not be limited strictly to California.

What Information Was Potentially Exposed?

The Melvin Mora & Associates data breach exposed a broad set of personal and financial information. This data was likely collected as part of standard tax preparation and business service intake. Because tax filings require extensive personal detail, the exposure here is particularly sensitive.

  • Full names
  • Social Security numbers
  • Dates of birth
  • Home addresses
  • Phone numbers
  • Employer names and wage details
  • Bank routing and account numbers used for direct deposit or tax payments

This combination of data creates significant risk for identity theft. For example, a criminal armed with a Social Security number, date of birth, and address has enough information to open new credit accounts in someone else’s name. In addition, employment and wage details could be used to file fraudulent tax returns or unemployment claims.

The exposure of bank routing and account numbers raises additional concerns. Fraudsters could attempt unauthorized withdrawals or use this information alongside other stolen data to impersonate victims with financial institutions. Because this information was tied to direct deposit and tax payment processes, it may also be usable for redirecting future refunds or payments.

What is the company doing?

Melvin Mora & Associates has responded by notifying the California Attorney General’s office about the breach. This step is required under California law when certain thresholds of exposed personal information are met. As a result, the firm has begun the formal disclosure process required for incidents of this type.

The firm has advised individuals who may have been impacted to remain alert for signs of identity theft or fraud. In addition, the company has recommended that clients monitor their bank accounts and credit reports closely. If direct notification letters are sent to affected individuals, the firm has indicated it will provide instructions regarding credit monitoring or other support services.

What Should Affected Individuals Do?

Monitor Your Credit Reports

Affected individuals should request copies of their credit reports from all three major credit bureaus. Reviewing these reports regularly helps catch new accounts or inquiries that you did not authorize. Because Social Security numbers were exposed, this step is especially important here.

You can obtain free credit reports through AnnualCreditReport.com. In addition, many credit card companies now offer free credit monitoring tools. Checking your reports every few months, rather than just once, gives you a better chance of spotting fraud early.

Consider a Fraud Alert or Credit Freeze

Given that Social Security numbers and bank account details were compromised, placing a fraud alert or credit freeze is a reasonable precaution. A fraud alert requires creditors to verify your identity before opening new accounts. A credit freeze goes further by blocking access to your credit file entirely.

To set up a freeze, you must contact each of the three major credit bureaus separately. While this adds a small amount of effort, it significantly reduces the risk that someone could open new credit in your name. If you ever need to apply for credit yourself, you can temporarily lift the freeze.

Watch for Tax-Related Fraud

Because employment and wage information was exposed, affected individuals should watch closely for signs of tax fraud. This includes unexpected letters from the IRS about returns you did not file. If this happens, contact the IRS Identity Protection Specialized Unit right away.

You may also want to consider requesting an Identity Protection PIN from the IRS. This PIN adds an extra layer of verification when filing tax returns. As a result, it becomes much harder for someone else to file a fraudulent return using your information.

Stay Alert for Phishing Attempts

Scammers often use information from data breaches to craft convincing phishing emails or phone calls. Because your name, address, and financial details may be exposed, be cautious of unsolicited messages asking for personal information. Never click on links or provide sensitive data unless you can verify the sender’s identity.

If you receive a message claiming to be from Melvin Mora & Associates, contact the firm directly through a verified phone number or website. This helps confirm whether the communication is legitimate. In addition, avoid providing any financial information over the phone unless you initiated the call yourself.

Consult a Data Breach Attorney

If you believe you were affected by this breach, it may help to speak with a data breach attorney. An attorney can review your situation and explain whether you may be eligible for compensation. Many offer free consultations, so there is little risk in asking questions.

Because the full scope of this breach has not been publicly detailed, legal guidance can help you understand your options as more information becomes available. This is particularly useful if you experience financial losses or identity theft linked to this incident. Acting early can help preserve your rights under applicable consumer protection laws.



More Information

Official Notice from Melvinmora

Official State Attorney General Notification

Related Data Breaches

  • Mercadien Data Breach Exposes Social Security Numbers and Financial Information
  • Onset Financial Data Breach Exposes Social Security Numbers and Financial Records
  • Vanguard Data Breach Exposes Social Security Numbers
← Previous Post
Next Post →

DataBreachRights

5547 Edmonson Pike Suite 67

Nashville, TN 37211

Phone : 615-968-2858

Email : info@databreachrights.com

 

  • Home
  • Latest Data Breaches
  • Contact Us
  • Terms of Service
  • Legal Disclaimer
  • Privacy Policy