Nearly a million users affected by Landmark data breach

Plenty of sensitive data stolen in a new cyberattack

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Landmark Admin, a third-party administrator (TPA) specializing in administrative support services for life insurance and annuity companies, has confirmed suffering a seriousransomwareattack recently.

The company revealed the news in a filing with the Maine Office of the Attorney General, in which it said that people’s data was stolen in an attack which took place in mid-May 2024.

Following the breach, Landmark Admin shut down its IT systems and remote access to its network to contain the effects, and brought in third-party security experts, who found the personal information of 806,519 people had been stolen.

Identity theft

“The forensic investigation determined that data was encrypted and exfiltrated from Landmark’s system,” the company said. “However, there was insufficient evidence available to identify which files had been compromised. The unauthorized activity occurred between May 13, 2024, and June 17, 2024.”

When the investigation concluded, the company understood that the information grabbed by the hackers included first name/initial and last name; address; Social Security number; tax identification number; driver’s license number/state-issued identification card; passport number; financial account number; medical information; date of birth; health insurance policy number; and life and annuity policy information.

“Please note that the information above varies for each potentially impacted individual. Affected individuals will be notified by mail of information that was impacted,” Landmark said.

So far, no threat actors assumed responsibility for the attack, so we don’t know if there were any ransom demands.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Since the information stolen is highly sensitive, users are advised to be extra vigilant for potential phishing attacks, social engineering, or possible wire fraud. Landmark is offering credit monitoring and identity theft protection services through IDX, which include 12 months of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed id theft recovery services.

ViaBleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A critical Palo Alto Networks bug is being hit by cyberattacks, so patch now

3 reasons why PIA fell in our best VPN rankings

‘That was never the plan’: Arcane creators dismiss claims that the hit Netflix show was going to run for five seasons