Skip to content

Landmark data breach affected 800,000 users

  • by
  • 2 min read

Illustration: JMiks | Shutterstock

Insurance administrator Landmark has started notifying over 800,000 individuals that their personal information was stolen in a ransomware attack on the company in 2023. Potentially compromised data includes names, addresses, dates of birth, driver’s license or state-issued ID numbers, passport numbers, Social Security numbers, medical and health insurance information, bank account and routing numbers, and life and annuity policy information.

Despite Landmark being aware of the attack by May 13, attackers regained access to its networks on June 17 as the investigation continued. According to the letter received by affected individuals, attackers successfully extracted and encrypt data from its servers. However, the company claims that the data stolen varies for each “potentially impacted individual.”

The notification letter did not reveal much information about the attack other than the fact that the company “engaged a specialised cybersecurity firm and IT personnel to conduct a forensic investigation to determine the nature and scope of the incident.” Regardless, the affected systems have been successfully restored, and law enforcement has been notified, and work on further improving network security is ongoing.

Illustration: Supimol Kumying | Shutterstock
Illustration: Supimol Kumying | Shutterstock

At the moment, there’s no information on what ransomware group was behind the attack and Candid.Technology hasn’t seen any major players in the ransomware industry claim the attack yet, so there’s a chance that the stolen data hasn’t yet been put on public sale.

As for relief, the company offers 12 months of free credit monitoring and identity theft protection services, as well as additional guidance on how affected individuals can protect themselves from identity theft and fraud. This has become standard practice in recent years by companies suffering data breaches. However, it’s a measure that does too little too late as sensitive data is already out in the wild for a while by the time affected individuals can render these services meaningfully.

In the News: Madras HC directs Telegram to stop chatbots leaking Star Health data

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>