Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
US insurance giant Allianz Life has disclosed the customer data impacted in the cyber attack it suffered this month.
Earlier this month, Allianz Life Insurance Company of North America told media that it had detected a cyber attack that led to personal data being exfiltrated.
“On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based CRM system used by Allianz Life,” said an Allianz Life spokesperson.
“The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life’s customers, financial professionals, and select Allianz Life employees, using a social engineering technique.”
Now, in a new filing with the Texas attorney general, Allianz Life has revealed that individual names, addresses, birth dates and social security numbers were exfiltrated in the attack. Social Security numbers were also confirmed to have been impacted in a filing with the Massachusetts attorney-general.
The company has also previously said that it took “immediate action” to contain the breach and had contacted the FBI.
It also said that there was “no evidence the Allianz Life network or other company systems were accessed, including our policy administration system”.
While the company did not disclose how many people were affected in its filing with the Maine Attorney General, the spokesperson said a majority of the 1.4 million US customers were affected in the breach.
The company has not attributed the cyber attack to any hacking group yet, nor said if they had been notified by ransomware actors.
However, BleepingComputer has reported that the Allianz Life third party that was breached was likely Salesforce, and that it was breached by the infamous hacking group ShinyHunters, and that the same group breached Qantas and Adidas.
Qantas was originally believed to have been breached by the Scattered Spider hacking collective. Additionally, Scattered Spider was believed to have begun targeting US insurance companies back in June, according to Google threat intelligence researchers.
“Google Threat Intelligence Group is now aware of multiple intrusions in the US which bear all the hallmarks of Scattered Spider activity. We are now seeing incidents in the insurance industry,” John Hultquist, chief analyst at Google Threat Intelligence Group (GTIG), told BleepingComputer.
While not definitive, this could suggest that ShinyHunters are working with the Scattered Spider hacking collective in launching high-profile cyber attacks.
Allianz Life operates globally with 125 million customers worldwide. The company plans to notify its customers starting 1 August.
Be the first to hear the latest developments in the cyber industry.
