Image Credit: Pixabay
(Image credit: Pixabay)
Landmark Admin suffered a ransomware attack in May 2024It was initially believed around 800,000 people were affectedNew investigation determined more than 1.6 million victimsMore than 1.6 million people are now thought to have been affected by the May 2024 cyberattack at Landmark Admin, twice as many as originally thought.
The company confirmed the news in an updated report filed with the Office of the Maine Attorney General.
“The forensic investigation determined that data was encrypted and exfiltrated from Landmark’s system,” the company said. “However, there was insufficient evidence available to identify which files had been compromised. The unauthorized activity occurred between May 13, 2024, and June 17, 2024.”
Ransomware attacksLandmark Admin is a third-party administrator (TPA) specializing in administrative support services for life insurance and annuity companies.
In late October 2024, the company reported suffering a serious ransomware attack in which threat actors also stole sensitive customer data, with the attack allegedly the work of a ransomware operator called Abyss.
Following the breach, Landmark Admin shut down its IT systems and remote access to its network to contain the effects, and brought in third-party security experts, who found the personal information of 806,519 people had been stolen.
In a data breach notification letter sent to affected customers, Landmark Admin said that the information stolen included people’s full names, addresses, Social Security numbers, tax identification numbers, driver’s license numbers, state-issued ID card numbers, passport numbers, financial account numbers, medical information, dates of birth, health insurance policy numbers, and life annuity policy information.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The information stolen varied from individual to individual, and since the information stolen is highly sensitive, users were advised to be extra vigilant for potential phishing attacks, social engineering, or possible wire fraud.
At the time of the breach, Landmark offered credit monitoring and identity theft protection services through IDX, including 12 months of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed ID theft recovery services.
Via BleepingComputer
You might also likeNearly a million users affected by Landmark data breachTake a look at our guide to the best authenticator appWe’ve rounded up the best password managers
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
