Yesterday, Landmark Admin, LLC (a third-party administrator for life insurance companies) confirmed that 806,519 people were involved in a data breach stemming from a ransomware attack in May, 2024. Landmark Admin had previously filed breach notifications in June but has only just confirmed the staggering number of people it involves.
This is the sixth-largest ransomware attack on a US financial company this year so far (based on records affected).
In its notification, the company describes how it discovered “suspicious activity” on its systems on May 13 but that “the unauthorized actor re-gained access to Landmark’s environment on June 17, 2024.” A forensic investigation revealed that “data was encrypted and exfiltrated from Landmark’s system.” Ransomware gang Abyss claimed an attack on the company (Landmark Life Insurance which is part of the same company).
Landmark Admin works with a number of insurance companies, including Liberty Bankers Insurance Group, which includes American Monumental Life Insurance Company, Pellerin Life Insurance Company, American Benefit Life Insurance Company, Liberty Bankers Life Insurance Company, Continental Mutual Insurance Company, and Capitol Life Insurance Company. Therefore, those impacted may have policies with one of these companies.
The data affected includes: first name/initial and last name, address, Social Security number, tax identification number, driver’s license number/state-issued identification card, passport number, financial account number, medical information, date of birth, health insurance policy number, and life and annuity policy information.
Landmark is offering anyone involved a year’s worth of free credit monitoring and identity theft protection services through IDX.
Who is Abyss?
First emerging in early 2023, Abyss, like many other gangs, will attempt to extort victims twice–once for a decryption key to restore systems and again to prevent the release of any stolen data.
Since it originated, Comparitech researchers logged 15 confirmed ransomware attacks via Abyss affecting nearly 1.07 million records. This attack on Landmark Admin is the largest confirmed attack so far, followed by its February 2023 attack on Bienville Orthopaedic Specialists which affected nearly 243,000 records.
We have also tracked 41 unconfirmed attacks via this group since early last year.
Ransomware attacks on the US finance sector
So far this year, we’ve tracked 36 ransomware attacks on US finance companies affecting nearly 33.7 million records. While the number of attacks is lower than last year’s total (59), the number of records affected is significantly higher (2023 saw 13.4 million affected).
As mentioned previously, this attack on Landmark is the sixth largest this year based on the records affected. The five other attacks are those on LoanDepot (16.9 million affected), Evolve Bank & Trust (7.6 million affected), Financial Business and Consumer Solutions, Inc. (4.3 million affected), Prudential Insurance Company of America (2.6 million affected), and Patelco Credit Union (1 million affected).
We have also monitored 105 unconfirmed attacks on this sector this year so far.
About Landmark Admin, LLC
Headquartered in Bronwood, Texas, Landmark Admin provides personalized administrative solutions to a number of insurance carriers.