U.S. insurance giant Allianz Life has confirmed to TechCrunch that hackers stole the personal information of the “majority” of its customers, financial professionals, and employees during a mid-July data breach.
When reached by TechCrunch, Allianz Life spokesperson Brett Weinberg confirmed the breach.
“On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based CRM system used by Allianz Life,” referring to a customer relationship management (CRM) database containing information on its customers. “The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life’s customers, financial professionals, and select Allianz Life employees, using a social engineering technique,” the spokesperson said.
The company disclosed the data breach on Saturday in a legally required filing with Maine’s attorney general, but did not immediately provide a number of how many Allianz Life customers are affected. According to the spokesperson, Allianz Life has 1.4 million customers. Its parent company, Allianz, has more than 125 million customers worldwide.
Allianz Life said it notified the FBI, and added it had “no evidence” that any other systems on its network were compromised.
The insurance giant would not say if it had received any communication from the hackers, such as a ransom note. The company also would not attribute the breach to a hacking group.
Allianz Life is the latest company in the past month to have been hacked during a wave of data breaches targeting the wider insurance industry, including Aflac, a major provider of supplementary health insurance. Security researchers at Google said in June that they were “aware of multiple intrusions” across the insurance sector attributed to Scattered Spider, a collective of hackers and techniques that rely on social engineering techniques, such as deceptively calling and tricking helpdesks into granting them access to a company’s network.
Prior to targeting insurance companies, the Scattered Spider hackers were seen targeting the U.K. retail industry, as well as the aviation and transportation sectors, and are historically known for hacks targeting Silicon Valley technology giants.
Per the Maine filing, Allianz plans to begin notifying affected individuals around August 1.
Do you know more about the Allianz Life cyberattack? Are you an affected customer or employee? Securely contact this reporter via encrypted message at zackwhittaker.1337 on Signal.
Source link
