Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The US arm of Allianz Life is facing a pair of class action lawsuits in the aftermath of its July 2025 cyber attack, as its customers demand better security and compensation.
Earlier this month, Allianz Life Insurance Company of North America told media that it had detected a cyber attack that led to personal data being exfiltrated.
“On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based CRM system used by Allianz Life,” said an Allianz Life spokesperson.
“The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life’s customers, financial professionals, and select Allianz Life employees, using a social engineering technique.”
Allianz Life revealed that names, addresses, birth dates and social security numbers were exfiltrated in the attack.
The company has also previously said that it took “immediate action” to contain the breach and had contacted the FBI.
Now, however, a number of customers have launched class actions against the company, demanding compensation for the damages and for Allianz Life to improve its security.
The first class action was submitted on 31 July 2025 by customer Sylvia Herrera in the United States District Court for the District of Minnesota.
Herrera said she is representing herself as well as any other customers affected by the breach and has said that Allianz failed in its responsibility to keep the data safe and lacked enough security measures.
She also said the company took too long to notify affected customers, which the company said it’s still identifying, according to media reports.
Herrera said that customers, including herself, have wasted both time and money on the careful monitoring of their accounts and are demanding compensation for legal expenses, damages, and for the court to order Allianz to improve its data security.
A day later, a second class action against Allianz Life was launched in the same court by Cheryl Marotta of Massachusetts and David Werner of Missouri, both of whom are Allianz Life customers.
Similarly, the two represent themselves and all customers and accuse Allianz of failing to administer the proper safeguards needed to secure data, adding that the data was stored in a single database and not encrypted.
Marotta added she noted suspicious activity, including an increase in spam calls and texts, and an email claiming her credit card would be charged.
Similarly, the class action requests damages, restitution and for Allianz to improve its security and future financial audits. It also wants it to provide credit monitoring services.
Does the blame lie with Allianz?
While a key focus of both class actions is for Allianz Life to improve its security, the company said the cyber attack was on a third-party organisation it uses.
Companies absolutely have a responsibility to vet their third-party organisations for security, and if the class-action’s claims that the data was stored in a single unencrypted database, there is absolutely cause for alarm.
However, should the pointed finger be directed towards Allianz or the third party?
While the third-party was never named by Allianz Life, BleepingComputer identified the company as Salesforce.
Why is this important? Salesforce instances are company-managed, meaning that rather than Salesforce being breached, threat actors breached individual instances managed by its clients.
“Salesforce has not been compromised, and the issues described are not due to any known vulnerability in our platform. While Salesforce builds enterprise-grade security into everything we do, customers also play a critical role in keeping their data safe – especially amid a rise in sophisticated phishing and social engineering attacks,” Salesforce told BleepingComputer.
“We continue to encourage all customers to follow security best practices, including enabling multifactor authentication, enforcing the principle of least privilege and carefully managing connected applications.”
Once again, while Allianz Life did not identify the threat actor, according to BleepingComputer, the threat actor behind the Salesforce breach, which has affected a number of organisations now, is ShinyHunters. The group has been using phishing and social engineering to gain access to credentials and accounts, before stealing data.
Being managed by the Salesforce client, it thus stands to reason that the responsibility lies with Allianz Life.
Be the first to hear the latest developments in the cyber industry.
