Article Details

Now 1.6M people had SSNs, life chapter and verse stolen from insurance IT biz. 800K? Make that double, and we'll need a double, too, for the pain. A Texas firm that provides backend IT and other services for American insurers has admitted twice as many people had their info stolen from it than previously disclosed. Landmark Admin in October revealed more than 800,000 people had their data pilfered from its servers by a network intruder. That stolen data included customers' first and last names, addresses, Social Security numbers, tax identification numbers, driver’s license numbers and state-issued identification cards, passport numbers, financial account numbers, medical information, dates of birth, health insurance policy numbers, and life and annuity policy information. No credit card details were pinched, though the trove included everything else a phisher or identity thief would kill for. And in a filing last week, Landmark informed Maine state regulators that the number of affected people is actually 1,613,773. In a letter [PDF] to customers at the end of last year, Landmark said that on May 13 persons unknown got into its servers and were detected a day later. The biz said it immediately disconnected the compromised machines, called in a third-party security outfit to investigate, and admitted "some Landmark files may have been compromised by an unauthorized third-party." Then, a month later, someone managed to get into its IT environment again. The thieves encrypted and stole chunks of data – rather ransomware like, we think – and the company and its security support said "there was insufficient evidence available to identify which files had been compromised." This second attack resulted in a class-action lawsuit against the IT provider. Landmark declined to comment. Right now, Landmark is offering anyone affected by this intrusion 12 months of credit monitoring, a $1 million insurance reimbursement policy if they can prove harm, and managed ID theft recovery services. The firm provided backend operations for American Benefit Life Insurance Company, American Monumental Life Insurance Company, Capitol Life Insurance Company, Continental Mutual Insurance Company, Liberty Bankers Life Insurance Company, and Pellerin Life Insurance Company. Most people using the insurance companies Landmark counts as customers will never have heard of the Texas biz, even though it was trusted with handling huge amounts of their data. But that's exactly what miscreants are looking for these days: An easy-to-hit supplier with access to tons of juicy data belonging to big companies. The case is reminiscent of last year's SNAFU at Infosys McCamish Systems, which does backend work for the insurance titan Fidelity Investments Life Insurance. While fewer people were affected in that intrusion, the information stolen was more valuable – including credit card details, PINs, and passwords. This was a central point of the second Cybersecurity Framework [PDF] from US standards body NIST, which last year called for businesses to be a lot stricter in checking the cybersecurity of their third-party suppliers. It appears some people haven't taken the hint.