Victim Count of ‘Landmark Admin’ Data Breach Rises to 1.6 Million, Double the Initial Estimate

Landmark Admin, a company that provides backend IT services to US insurers, suffered a cyberattack in October, exposing the sensitive data of numerous individuals. Now, the number of afflicted parties has doubled.

Landmark’s attack in October

In October last year, Landmark Admin disclosed a cybersecurity incident that exposed the personal data of more than 800,000 people.

The threat actor stole a massive trove of sensitive details, including:

• Full names
• Addresses
• Dates of birth
• Social Security Numbers (SSNs)
• Driver’s license numbers
• Tax ID numbers
• Passport numbers
• State-issued ID cards
• Financial account numbers
• Medical information
• Life and annuity policy information
• Health insurance policy numbers

Although the company announced it in October, the attack had occurred almost half a year earlier. Landmark first detected traces of foul play on May 13.

New filing reveals almost double the number of victims

In a filing to the Maine Attorney General’s Office last week, Landmark said the number of affected individuals, initially believed to be 806,519, is actually almost double, at 1,613,773.

According to the company, the types of data stolen depend on the individual. However, Landmark vowed to notify each affected customer with a personalized letter detailing the specific information compromised in their case.

Investigation still ongoing, victim count could be even higher

According to a data breach notice, Landmark hasn’t yet finished the investigation, so the number of affected parties could be even higher.

“While the forensic investigation remains ongoing, Landmark found evidence to suggest some Landmark files may have been compromised by an unauthorized third-party,” reads the breach notice.

In response to the incident, Landmark provided victims with a year of complimentary credit monitoring and identity theft protection services and gave recipients 90 days to address their concerns about the incident.

Proactive measures in the face of data breaches

Data breaches occur indiscriminately despite the best efforts of both companies and their customers. Once individuals entrust their data to a company, its security is ultimately out of their hands.

However, that doesn’t mean individuals should remain passive. Dedicated software like Bitdefender Digital Identity Protection provides a detailed overview of your online data, notifies you of breaches involving it and helps you immediately address weak points in your digital footprint.