Insurance data breach exposes sensitive info of 1.6 million people

3 weeks ago 12

If there’s 1 happening I’ve learned from covering information breaches implicit the years, it’s that you should ne'er instrumentality a company’s archetypal numbers astatine look value. When a breach becomes public, astir companies effort to minimize the harm by reporting less victims oregon staying vague astir what benignant of information was exposed.

Sometimes, to beryllium fair, they genuinely don’t person the afloat representation yet. But that seldom gets communicated clearly. The aforesaid happening conscionable happened again with an insurtech institution that has present doubled the fig of radical affected by a breach it disclosed past year.

STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS – SIGN UP FOR KURT’S ‘THE CYBERGUY REPORT’ NOW

Insurance information breach exposes delicate info of 1.6 cardinal people

A pistillate moving connected her laptop (Kurt "CyberGuy" Knutsson)

What you request to know

Texas-based security administrative services supplier Landmark Admin has revised the scope of its May 2024 cyberattack, revealing that astir doubly arsenic galore radical were impacted arsenic initially reported. Back successful October 2024, Landmark disclosed that suspicious enactment was detected successful its web connected May 13, prompting an investigation. At the time, it was estimated that the breach affected 806,519 individuals. But successful a caller update filed with the Maine Attorney General’s office, that fig has present jumped to 1,613,773.

Landmark serves arsenic a third-party head offering backend enactment to large insurers similar Liberty Bankers Life and American Benefit Life. This means millions of delicate security argumentation records travel done its systems, making it a tempting people for cybercriminals.

The compromised accusation varies for each idiosyncratic but whitethorn see a wide scope of delicate idiosyncratic data. This includes afloat names, location addresses, Social Security numbers, taxation recognition numbers, driver's licence oregon state-issued recognition numbers, passport numbers and slope relationship details. In immoderate cases, aesculapian information, dates of birth, wellness security argumentation numbers and details related to beingness and annuity policies whitethorn besides person been exposed.

A hacker astatine work (Kurt "CyberGuy" Knutsson)

200 MILLION SOCIAL MEDIA RECORDS LEAKED IN MAJOR X DATA BREACH

What is Landmark doing now?

The institution says the forensic probe is inactive ongoing and that the full fig of affected individuals whitethorn proceed to rise. Personalized notification letters are being mailed retired successful phases, detailing precisely what benignant of information was compromised successful each case.

"Landmark began reviewing the affected systems to place the circumstantial individuals and the types of accusation that whitethorn person been compromised," reads the latest notice. "While this process remains ongoing, Landmark volition notify affected individuals by message arsenic the accusation becomes available."

To assistance mitigate the fallout, Landmark is offering 12 months of escaped recognition monitoring and individuality theft protection. The announcement besides advises recipients to show their recognition reports and see placing fraud alerts oregon a information frost for other protection. A dedicated helpline is disposable for 90 days aft notification to code questions and concerns.

A antheral moving connected his laptop and scrolling connected his phone (Kurt "CyberGuy" Knutsson)

MALWARE EXPOSES 3.9 BILLION PASSWORDS IN HUGE CYBERSECURITY THREAT

6 ways you tin enactment harmless from security information breach

If your accusation was portion of the Landmark breach oregon immoderate akin one, it’s worthy taking a fewer steps to support yourself.

1) Consider individuality theft extortion services: Since the Landmark information breach exposed idiosyncratic and fiscal information, it’s important to enactment proactive against individuality theft. Identity theft extortion services connection continuous monitoring of your recognition reports, Social Security fig and adjacent the acheronian web to observe if your accusation is being misused. These services nonstop you real-time alerts astir suspicious activity, specified arsenic caller recognition inquiries oregon attempts to unfastened accounts successful your name, helping you enactment rapidly earlier superior harm occurs.

Beyond monitoring, galore individuality theft extortion companies supply dedicated betterment specialists who assistance you successful resolving fraud issues, disputing unauthorized charges and restoring your individuality if it’s compromised. They often see up to $1 cardinal to screen losses and ineligible fees and a white-glove fraud solution squad successful which a U.S.-based lawsuit manager helps you retrieve immoderate losses. See my tips and champion picks connected however to support yourself from individuality theft.

2) Monitor your accounts and transactions: The Landmark information breach revealed slope details to attackers, which means they tin misuse those details to bargain your money. You should cheque your online accounts and transactions regularly for immoderate suspicious oregon unauthorized activity. If you announcement thing unusual, instantly study it to the work supplier oregon authorities. You should besides reappraisal your recognition reports and scores to spot if determination are immoderate signs of individuality theft oregon fraud.

3) Contact your slope and recognition paper companies: Since Landmark hackers obtained slope and recognition paper information, they could usage it to marque purchases oregon withdrawals without your consent. You should pass your slope and recognition paper companies of the situation. They tin assistance you frost oregon cancel your cards, quality immoderate fraudulent charges and contented caller cards for you. You should besides interaction 1 of the 3 large recognition reporting agencies (Equifax, Experian oregon TransUnion) and petition a fraud alert to beryllium placed connected your recognition file. This volition marque it much hard for individuality thieves to unfastened caller accounts successful your sanction without verification.

4) Use idiosyncratic information removal services: The information breach leaks loads of accusation astir you, and each this could extremity up successful the nationalist domain, which fundamentally gives anyone an accidental to scam you. One proactive measurement is to see idiosyncratic information removal services, which specialize successful continuously monitoring and removing your accusation from assorted online databases and websites. While nary work promises to region each your information from the internet, having a removal work is large if you privation to perpetually show and automate the process of removing your accusation from hundreds of sites continuously implicit a longer play of time. Check retired my apical picks for information removal services here.

5) Have beardown antivirus software: Landmark hackers person people's email addresses and afloat names, which makes it casual for them to nonstop you a phishing nexus that installs malware and steals each your data. These messages are socially engineered to drawback them, and catching them is astir intolerable if you're not careful. However, you’re not without defenses.

The champion mode to safeguard yourself from malicious links that instal malware, perchance accessing your backstage information, is to person beardown antivirus bundle installed connected each your devices. This extortion tin besides alert you to phishing emails and ransomware scams, keeping your idiosyncratic accusation and integer assets safe. Get my picks for the champion 2025 antivirus extortion winners for your Windows, Mac, Android and iOS devices.

6) Enable two-factor authentication: While passwords weren’t portion of the information breach, you inactive request to enable two-factor authentication (2FA). It gives you an other furniture of information connected each your important accounts, including email, banking and societal media. 2FA requires you to supply a 2nd portion of information, specified arsenic a codification sent to your phone, successful summation to your password erstwhile logging in. This makes it importantly harder for hackers to entree your accounts, adjacent if they person your password. Enabling 2FA tin greatly trim the hazard of unauthorized entree and support your delicate data.

WINDOWS 10 SECURITY FLAWS LEAVE MILLIONS VULNERABLE

Kurt’s cardinal takeaway

The existent hazard with breaches similar this isn't conscionable the archetypal leak. It's the dilatory drip of consequences that follow. As much names and numbers surface, the fallout becomes harder to contain, and the radical impacted are near scrambling to support themselves. Landmark’s delayed clarity is simply a reminder that successful the satellite of cyberattacks, timelines seldom enactment successful the public’s favor. By the clip the afloat representation emerges, the harm whitethorn already beryllium done.

Do you deliberation companies are investing capable successful their cybersecurity infrastructure? Let america cognize by penning america at Cyberguy.com/Contact.

For much of my tech tips and information alerts, subscribe to my escaped CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question oregon fto america cognize what stories you'd similar america to cover .

Follow Kurt connected his societal channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Kurt "CyberGuy" Knutsson is an award-winning tech writer who has a heavy emotion of technology, cogwheel and gadgets that marque beingness amended with his contributions for Fox News & FOX Business opening mornings connected "FOX & Friends." Got a tech question? Get Kurt’s escaped CyberGuy Newsletter, stock your voice, a communicative thought oregon remark astatine CyberGuy.com.

Read Entire Article