Over the past few months, we’ve seen a wave of data breaches affecting millions of people, from healthcare giants to government contractors and more. This latest incident is yet another in a long line of alarming breaches. Now, the insurance administrative services company Landmark Admin has warned that a data breach from a May cyberattack impacted over 800,000 individuals.
It’s important to note that Landmark Admin has partnered with some of the largest insurance carriers in the States, including American Monumental Life Insurance Company, Pellerin Life Insurance Company, and American Benefit Life Insurance Company. Through these partnerships, millions of policyholders and their sensitive information, such as names, Social Security numbers, driver’s license numbers, and passport numbers, could be at risk of exposure, further amplifying the potential impact of this breach.
What you need to know
In a report to the Maine Attorney General’s office, Landmark revealed it spotted unusual activity in its systems on May 13, 2024, leading it to disconnect the affected systems and block remote access to its network (via Bleeping Computer).
Landmark brought in a specialized third-party cybersecurity team to help secure its systems and run a thorough investigation to understand the extent of the breach. But while they were looking into it, the hackers managed to break back into Landmark’s system on June 17, 2024.
The cybersecurity team’s findings showed that data was both encrypted and stolen from Landmark’s systems. According to the investigation, hackers may have gained unauthorized access to the personal details of impacted individuals, which could include full name, address, Social Security number, tax ID, driver’s license or state-issued ID number, passport number, bank details, medical info, health insurance policy number, date of birth, and details about life and annuity policies.
MASSIVE DATA BREACH EXPOSES 3 MILLION AMERICANS’ PERSONAL INFORMATION TO CYBERCRIMINALS
What is Landmark doing in the wake of the Data Breach?
Landmark is offering free identity theft protection services for those impacted by the data breach. It’s also currently notifying everyone whose personal information may have been in its systems during the breach. Individual notices will be sent by U.S. first-class mail, going out in batches as they identify potentially affected individuals. The first wave of letters was sent on October 23, 2024.
WORLD’S LARGEST STOLEN PASSWORD DATABASE UPLOADED TO CRIMINAL FORUM
9 ways to protect yourself from data breaches
1) Enable two-factor authentication: Activate two-factor authentication (2FA) for an extra layer of security on all your important accounts, including email, banking, and social media. 2FA requires you to provide a second piece of information, such as a code sent to your phone, in addition to your password when logging in. This makes it significantly harder for hackers to access your accounts, even if they have your password. Enabling 2FA can greatly reduce the risk of unauthorized access and protect your sensitive data.
2) Monitor your accounts and transactions: You should check your online accounts and transactions regularly for any suspicious or unauthorized activity. If you notice anything unusual, immediately report it to the service provider or authorities. You should also review your credit reports and scores to see if there are any signs of identity theft or fraud.
3) Contact your bank and credit card companies: Landmark hackers obtained your bank and credit card information, which they could use to make purchases or withdrawals without your consent. You should inform your bank and credit card companies of the situation. They can help you freeze or cancel your cards, dispute any fraudulent charges, and issue new cards for you.
You should also contact one of the three major credit reporting agencies (Equifax, Experian, or TransUnion) and request a fraud alert to be placed on your credit file. This will make it more difficult for identity thieves to open new accounts in your name without verification. You can even freeze your credit if need be.
4) Use personal data removal services: In light of these ongoing data breaches, protecting personal data has become essential. One proactive step is to consider personal data removal services, which specialize in continuously monitoring and removing your information from various online databases and websites. These services employ advanced tools and techniques to identify and eliminate your data from people-search sites, data brokers, and other platforms where your information might be exposed. By using a data removal service, you can minimize the risk of identity theft and fraud, especially after a data breach. Additionally, these services often provide ongoing monitoring and alerts, keeping you informed of any new instances of your data appearing online and taking immediate action to remove it.
A service like Incogni can help you remove all this personal information from the internet. It has a very clean interface and will scan 195 websites for your information and remove it and keep it removed.
Special for CyberGuy Readers (60% off): Incogni offers A 30-day money-back guarantee and then charges a special CyberGuy discount only through the links in this article of $5.99/month for one person (billed annually) or $13.19/month for your family (up to 4 people) on their annual plan and get a fully automated data removal service, including recurring removal from 190+ data brokers. You can add up to 3 emails, 3 home addresses, and 3 phone numbers (U.S. citizens only) and have them removed from data-broker databases. I recommend the family plan because it works out to only $4.12 per person per month for year-round coverage. It’s an excellent service, and I highly recommend at least trying it out to see what it’s all about.
Get Incogni for your family (up to 4 people) here
5) Have strong antivirus software: As cyber threats grow in frequency and sophistication, strong antivirus software is also crucial to fend off malware and phishing scams, both of which could expose your sensitive information if left unguarded.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.
6) Use strong, unique passwords: Secure access to your accounts is paramount. Using strong, unique passwords for each account is an effective barrier against unauthorized access, especially when data breaches place your information at heightened risk. Avoid reusing passwords across multiple accounts. A strong password typically has a mix of uppercase, lowercase, numbers, and special characters and is at least 12 characters long. Consider using a password manager to help generate and store complex passwords securely.
7) Keep your software updated: Outdated software can have vulnerabilities that hackers exploit. Ensure your operating systems, apps, and browsers are updated to the latest versions to close any security gaps.
8) Limit sharing of personal information online: Be mindful about sharing personal information on social media or other platforms, as hackers can use this data in phishing schemes. Make sure to adjust privacy settings on your social media accounts so only trusted friends can view your profile information.
9) Avoid public Wi-Fi for sensitive transactions: Public Wi-Fi networks are often less secure and can be vulnerable to hackers. When accessing sensitive accounts, use a VPN or wait until you’re on a trusted, secure network.
ExpressVPN and Surfshark are both trusted VPN services that prioritize your privacy and security and are available on a wide range of platforms, including Mac, Windows, iOS, Android, and popular browsers.
1) ExpressVPN: ExpressVPN is known for its speed, reliability, and strong privacy features. It offers ultra-fast servers in 105 countries, supports P2P sharing, and allows up to 8 devices to connect simultaneously. Available on a wide range of devices, it features a simple setup that takes less than 2 minutes. ExpressVPN’s strict no-log policy ensures your data is never stored, and all servers run on RAM, so no user activity is saved. With 24/7 live customer support and a 30-day money-back guarantee, ExpressVPN is a top choice for privacy-conscious users
CYBERGUY DEAL: Save 49% now with CyberGuy’s exclusive offer – you can get 3 extra months FREE with a 12-month plan. Try 30 days risk-free.
2) Surfshark: Another excellent option, Surfshark provides strong security features at an affordable price. Like ExpressVPN, Surfshark operates under a strict no-logs policy and uses advanced encryption to keep your data safe. One standout feature is Surfshark’s ability to support unlimited devices on a single account, making it ideal for families or users with multiple gadgets.
Both VPNs offer top-notch security, ensuring that your browsing history, IP address, and online activities remain private.
WINDOWS FLAW LETS HACKERS SNEAK INTO YOUR PC OVER WI-FI
Kurt’s key takeaway
The Landmark data breach is just one of several data breaches I’ve covered this year. While it’s still unclear what type of cyberattack hackers used to break into the insurance company’s systems, one thing is certain – they accessed sensitive data. Even more concerning is that hackers got into Landmark’s system not once but twice, hinting at some major cybersecurity gaps. If you think you may have been impacted, stay vigilant and follow good cybersecurity practices.
Do you think companies are investing enough in their cybersecurity infrastructure? Let us know in the comments below.
FOR MORE OF MY TIPS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Copyright 2024 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.