

Allianz Life Insurance Company of North America (Allianz Life) is notifying 1.4 million customers, financial professionals, and employees of a data breach that leaked their personal information via a third-party CRM platform.
Allianz says the threat actors breached the customer relationship management (CRM) platform via social engineering tactics. Social engineering involves impersonating a trusted individual to trick an employee into disclosing sensitive information, such as account login credentials.
“On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based CRM system used by Allianz Life,” Brett Weinberg, the company spokesperson, said. “The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life’s customers, financial professionals, and select Allianz Life employees, using a social engineering technique.”
According to a data breach notification filed with the Office of the Maine Attorney General, the cyber intrusion occurred on July 16, 2025, and was detected on July 17, 2025.
Allianz Life Insurance responds to Scattered Spider data breach
Upon learning of the data breach, Allianz took immediate steps to contain and mitigate the incident, launch an investigation, and notify law enforcement agencies.
Moreover, the life assurance company determined that the data breach did not affect its internal systems, network, or IT infrastructure. Additionally, the company is notifying all impacted victims and offering dedicated support to navigate the data breach.
“The consumer notice will be provided once Allianz has identified the affected individuals,” the company stated.
So far, Allianz Life has not confirmed how many people were impacted, but the company has 1.4 million customers in the United States, most of whom were affected.
Allianz Life is a subsidiary of the German multinational Allianz SE, which has over 125 million customers worldwide. However, the data breach only affected individuals in the United States.
“This breach highlights that the biggest threats don’t always come from direct attacks, but often a combination of vulnerabilities across the entire supply chain,” noted Boris Cipot, Senior Security Engineer at cybersecurity company Black Duck. “In this case, the attacker used multiple techniques: social engineering to obtain access rights, and a third-party solution as a backdoor into the system.”
Meanwhile, Allianz has not attributed the data breach to any threat actors or confirmed receiving a ransom demand. Similarly, no cyber gang has taken responsibility for the attack.
Insurance companies targeted by cyber attacks
Nevertheless, the company is among the top insurance giants targeted in the ongoing cyber hacking campaign by the cybercrime gang Scattered Spider. Insurance companies are lucrative targets for cybercriminals because of the vast amount of personal, financial, and medical information they collect and store.
Other insurance companies targeted include the U.S. insurance giant American Family Life Assurance Company (Aflac), which recently confirmed being among the victims of the notorious cyber gang.
Additionally, tech giant Google says it is aware of more cyber intrusions employing social engineering and targeting insurance companies, attributed to Scattered Spider. Previously, the cybercrime gang was also found targeting U.K. and European retailers in massive data breaches.
In mid-July 2025, British police apprehended four suspected members of the Scattered Spider cybercrime gang that was responsible for the cyber attack on U.K. retailer Marks & Spencer.
However, other cybersecurity experts have linked the Allianz data breach to the hacking group ShinyHunters, which was responsible for breaching Microsoft, Ticketmaster, Santander Bank, AT&T, Tokopedia, and Chatbooks.
The cyber attack on the European luxury brand Louis Vuitton, which affected customers across South Korea, Turkey, the United Kingdom, Italy, and Sweden, was also attributed to ShinyHunters.
“This breach is a stark reminder of how critical it is to have a comprehensive security and governance program around enterprise business applications such as CRM platforms, which store a massive amount of sensitive customer PII,” concluded Piyush Pandey, CEO at Pathlock.