Landmark Admin, a company that provides administrative services to several major U.S. insurance carriers, has recently announced that a cyberattack in May 2024 exposed the personal information of over 800,000 individuals.
The Breach: What Happened?
Landmark Admin partners with some of the largest insurance companies in the U.S., including American Monumental Life Insurance Company, Pellerin Life Insurance Company, and American Benefit Life Insurance Company. Through these partnerships, millions of policyholders entrust their personal information to Landmark’s systems.
Hackers gained unauthorized access to Landmark’s network in May 2024. According to a report filed with the Maine Attorney General’s office, Landmark detected unusual activity on May 13, 2024. In response, the company disconnected affected systems and blocked remote access to its network.
However, despite these efforts and the involvement of a third-party cybersecurity team brought in to investigate and secure the system, hackers managed to breach Landmark’s defenses again on June 17, 2024.
The investigation revealed that not only was data encrypted by the attackers, but it was also stolen. The compromised information includes highly sensitive details such as names, Social Security numbers, driver’s license numbers, passport numbers, tax IDs, bank details, medical information, health insurance policy numbers, and even life and annuity policy details.
The Impact: What’s at Risk?
This breach is particularly concerning given the nature of the data exposed. With access to Social Security numbers and other personal identifiers like driver’s licenses and passport numbers, cybercriminals could engage in identity theft or fraud on a massive scale. Bank details and health insurance information further increase the potential for financial crimes or fraudulent claims.
The insurance industry has long been a target for cyberattacks due to the wealth of personal data it holds. However, this breach stands out not only because of its scale—impacting over 800,000 individuals—but also because hackers were able to re-enter Landmark’s systems even after initial security measures were taken.
What Is Landmark Doing About It?
In response to this breach, Landmark Admin is offering free identity theft protection services for all affected individuals. The company has begun notifying those whose personal information may have been compromised via first-class mail. These notifications are being sent out in waves as potentially affected individuals are identified. A redacted copy of a notification letter can be found at ClassAction.org.
Landmark Admin has also implemented stronger data encryption protocols and other IT security enhancements to prevent future attacks. These measures included upgrading their encryption methods and improving overall network security to ensure that sensitive data is better protected going forward
The Bigger Picture: A Growing Trend
This incident is just one of many high-profile data breaches that have rocked various industries over recent years. From healthcare providers to government contractors and now insurance administrators like Landmark Admin, it seems no sector is immune from cyberattacks.
According to IBM’s Cost of a Data Breach Report 2023, the average cost of a data breach reached an all-time high of $4.45 million per incident. In 2024, that figure rose ten percent to 4.88 million—a figure that doesn’t even account for long-term reputational damage or loss of consumer trust.
Landmark Admin has been contacted for comment. They have yet to respond.
