800,000 people just had their full names, SSNs and more exposed in massive insurance admin company data breach

Landmark Admin is a third-party administrator for a number of insurance companies and it provides back-office services for them such as new business processing and claims administration. In fact, some of the insurance companies it works with include American Monumental Life Insurance Company, Pellerin Life Insurance Company, American Benefit Life Insurance Company, Liberty Bankers Life Insurance Company, Continental Mutual Insurance Company and the Capitol Life Insurance Company.

If any of the companies listed above happen to be your insurance company, then there’s a chance you may receive a data breach notification letter in the mail, if you haven’t already. Here’s everything you need to know about this latest data breach and what steps you should take next if your personal data was exposed online.

From cyberattack to data breach

The reason we know about this data breach in the first place is due to the fact that Landmark Admin had to submit extensive details on what happened in a filing with the Maine Attorney General’s office. In fact, similar filings from other companies are one of the ways in which we often learn more about data breaches.

In this particular filing, Landmark Admin explained that it first detected suspicious activity on its network back on May 13. To prevent this cyberattack from spreading further, the company shut down its IT systems and disabled remote access to its network.

From there, Landmark Admin worked with a third-party cybersecurity firm to investigate this incident and see whether or not any data was stolen during the attack. As it turns out, the company and the cybersecurity firm found evidence that the hackers behind the attack accessed files on the network that contained the sensitive personal information of approximately 806,519 people.

In the data breach notification sent out to affected individuals, Landmark Admin explained that the following information may have been accessed by hackers:

• First name/initial and last name
• Date of birth
• Addresses
• Social Security numbers
• Tax identification numbers
• Driver’s license numbers
• Passport numbers
• Health insurance policy number
• Medical information

It’s worth noting though that the amount of exposed information “varies for each potentially impacted individual” according to Landmark Admin. This means that while one victim might have had their name and address exposed, another could have had their SSN and medical information exposed.

How to stay safe after a data breach

So what should you do if your insurance company used Landmark Admin’s services and your personal data was exposed as a result of this breach? For starters, you should check your mailbox to see if you received a data breach notification letter in the mail.

In case you’re wondering what this kind of notice would look like, there’s a sample copy included as a PDF in Landmark Admin’s filing with the Maine Attorney General’s office linked further up in this story. This letter has even more details on the incident and what the company did in its aftermath to protect its systems and the customer data stored on them.

While some companies fail to offer additional protection to affected customers or impacted individuals in this case, Landmark Admin is providing 12 months of free access to one of the best identity theft protection services through IDX. While we haven’t reviewed this particular service yet, IDX has been in business for 20 years, serves over 40 million customers and is used by Fortune 500 companies as well as the U.S. federal government.

If your identity happens to be stolen as a result of this data breach, IDX provides up to $1 million in identity theft insurance. These funds can be used to help get new documents, recover any lost wages or other damages and to hire legal counsel if necessary. Affected individuals will have access to credit monitoring services for a year as well.

For those who may be overly worried – and rightfully so after a data breach like this one — there are a number of different online data leak checkers you can use to see if your personal and financial information has ended up on the dark web. While Troy Hunt’s Have I Been Pwned is one of the oldest and most widely known, Surfshark recently launched its own data leak checker. However, as the number of data breaches has shot up in recent years, it’s likely you might find out that your data was exposed in a different incident. This is why the letter from Landmark Admin is the best way to know if your personal information was part of this particular data breach.

From here, you’re going to want to monitor all of your online accounts to look for anything unusual or suspicious. If the hackers behind this breach have your SSN, they could try and open new financial accounts, apply for a loan or even get a job or visit the doctor using your information. Likewise, if a cybercriminal commits crimes using your SSN, they end up on your criminal record.

If a year's subscription to credit and identity theft monitoring isn't enough for you, Murphy Law Firm has begun investigating claims on behalf of affected individuals. In fact, the law firm is currently putting together a class action lawsuit and you can join it here.

Data breaches like the one detailed above are becoming all too common but at least this time, Landmark Admin did the right thing by providing affected individuals with identity theft and credit monitoring. As for the data breach itself, the company and law enforcement are still investigating and we could learn more about it in the future.

More from Tom's Guide

• NSA issues warning to iPhone and Android users — do this to stop hackers
• These are the best antivirus software solutions to secure your PC
• Hackers are using fake Google Meet errors to infect PCs and Macs with malware