The Pension Specialists Ltd., an independent retirement plan third-party administrator, experienced a data breach about one year ago, exposing the personal information of at least 71,443 people, according to a filing with the office of the Maine attorney general.

Affected retirement plan participants were notified on Friday about the breach. According to a letter sent to those affected, TPS experienced a network disruption on February 24, 2024, and immediately initiated an investigation on the matter and engaged with independent cybersecurity experts.

The firm determined that certain files may have been accessed or required without authorization between February 18, 2024, and February 20, 2024. The company then conducted a “comprehensive review” of all potentially affected information to identify any personal information that could have been involved. The letter stated that the company determined on December 16, 2024 that personal information may have been exposed.

In the filing to the Maine attorney general, , and described the incident as an external system breach (hacking). There has been no evidence of the misuse, or attempted misuse, of ay potentially impacted information, the letter stated.

TPS has notified affected people that their personal information, including at least names and Social Security numbers, may have been stolen, according to consumer rights law firm Wolf Hadenstein Adler Freeman & Herz LLP, which is investigating the incident.

The TPA is also offering complimentary identity monitoring services through Kroll, including months of credit monitoring, fraud consultation and identity theft restoration. The exact number of months was redacted in the Maine AG filing.

According to its website, Machesney Park, Illinois-based TPS has grown to service more than 1,025 employer retirement plans, with services covering more than 30,000 plan participants with more than $500 million in assets.

TPS did not immediately respond to a request for comment.