Landmark Admin data breach compromised the data of over 800,000 insurance customers

Brownwood, Texas-based insurance administrative services provider Landmark Admin said that the data security incident it suffered in May compromised the sensitive personal information of more than 800,000 individuals.

 

Landmark Admin is a third-party administrator for insurance carriers, including Liberty Bankers Insurance Group which includes American Monumental Life Insurance Company, Pellerin Life Insurance Company, American Benefit Life Insurance Company, Liberty Bankers Life Insurance Company, Continental Mutual Insurance Company, and Capitol Life Insurance Company.

 

In a recent filing with the Main Attorney General’s office, Landmark said that on May 13, it identified suspicious activity in its internal network. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the investigation.

 

“The forensic investigation concluded on or about July 24, 2024, and determined that there was unauthorised access to Landmark’s network and data was encrypted and exfiltrated from its system. The unauthorised activity occurred from May 13, 2024 to June 17, 2024,” reads the notice.

 

The compromised data included names, dates of birth, addresses, Social Security numbers, tax identification numbers, drivers’ license numbers, state-issued identification card numbers, passport numbers, bank account and routing numbers, medical information, health insurance policy numbers, and life and annuity policy information.

 

Landmark Admin said in its filing with the Maine state regulator that it has identified at least 806,519 individuals who were impacted by the incident.

 

“Upon discovery of the incident, Landmark has taken additional technical and administrative steps to further enhance the security of its systems and customer data to mitigate the risk of future harm,” it said.

 

Landmark has urged all its employees to remain vigilant and monitor their credit reports and financial statements for any suspicious activities and to report suspicious activities to relevant law enforcement authorities and their banks. The company is also providing one year of complimentary credit monitoring and identity theft protection services via IDX to all affected individuals whose data was compromised during the incident.