- The Landmark administrator underwent a ransomware attack in May 2024
- It was initially believed that around 800,000 people were affected
- A new survey determined more than 1.6 million victims
More than 1.6 million people have now been affected by the cyber attack in May 2024 at Landmark Admin, twice as much as what was originally thought.
The company confirmed the news in a report updated to the Maine Prosecutor General’s Office.
“The forensic survey determined that the data was encrypted and exfiltrated from the Landmark system,” said the company. “However, evidence was insufficient to identify which files had been compromised. Unauthorized activity occurred between May 13, 2024 and June 17, 2024. ”
Ransomware attacks
Landmark Admin is a third-party administrator (TPA) specializing in administrative support services for life insurance and rent companies.
At the end of October 2024, the company reported a serious attack on ransomware in which threat stakeholders also stole sensitive customer data, the attack allegedly the work of a ransomware operator called Abyss.
After the violation, the Landmark administrator closed his computer systems and his remote access to his network to contain the effects and called on third -party security experts, who found personal information of 806,519 people had been stolen.
In a letter of notification of data violation sent to affected customers, Landmark Admin said that stolen information included the complete names of people, addresses, social security numbers, tax identification numbers, driving license numbers, state identity card numbers, passport numbers, financial account numbers, medical information, health insurance and information on life annuity policy.
Stolen information varied from the individual to the individual, and as stolen information is very sensitive, users have been invited to be very vigilant for potential phishing attacks, social engineering or possible wire fraud.
At the time of violation, Landmark offered credit and protection monitoring services against IDX, including 12 months of Cyberscan credit and surveillance, an insurance reimbursement policy of $ 1,000,000 and fully managed identity flight recovery services.
Via Bleeping Compompute
