Landmark, an administrator for insurance firms, says 800,000 affected by data breach

One of the biggest third-party administrators for several large insurance firms said a cyberattack in May exposed the sensitive information of more than 800,000 people. 

Landmark Admin told regulators in Maine that names, Social Security numbers and tax identification numbers were accessed by the hackers.

For an unknown subset of people, the breach also exposed driver’s license numbers, passport numbers, bank account information, routing numbers and medical information was also leaked. Health insurance policy information and life and annuity policy information.

The Texas-based company works as a third-party administrator for insurance carriers like Liberty Bankers Insurance Group (LBIG), which includes American Monumental Life Insurance Company, Pellerin Life Insurance Company, American Benefit LifeInsurance Company, Liberty Bankers Life Insurance Company, Continental Mutual Insurance Company, and Capitol Life Insurance Company. 

The breach notification letters note that the first incident occurred on May 13, when an IT team discovered “suspicious activity” that required them to disconnect the affected systems and hire a third-party cybersecurity firm. 

An investigation revealed that “there was unauthorized access to Landmark’s network and data was encrypted and exfiltrated from its system.” The hackers were in Landmark’s systems from May 13 to June 17. 

“While the forensic investigation was underway, the unauthorized actor re-gained access to Landmark’s environment on June 17, 2024. The third-party cybersecurity firm again assisted with securing the environment while it also continued to conduct its forensic investigation,” the company said. 

Landmark is still in the process of investigating the incident and said it may continue to send breach notification letters “on a rolling basis as [victims] are identified.” The first batch of letters were sent on October 23 and 24.

The company said it also took several steps to harden its systems following the attack, including data encryption and more. One year of credit monitoring services are being offered to victims. 

Landmark told regulators in Maine that 806,519 people were affected in total but they also filed documents in California and Texas, warning that about 68,000 Texans were impacted. 

Insurance companies and their partners or subsidiaries are frequent targets for cyberattacks eager to steal volumes of sensitive health-related data. Last week, insurance firm Globe Life told the U.S. Securities and Exchange Commission that is being extorted by hackers after data on more than 5,000 people was stolen from a subsidiary.