Allianz Life breach exposed data of 1.5M people, including names, addresses, birth dates, and Social Security numbers stolen from a cloud CRM.
In July, Allianz Life disclosed a breach where hackers stole data from a cloud database, affecting most of its customers and staff. In August, the data breach notification site Have I Been Pwned reported 1.1M impacted, though Allianz has never confirmed exact numbers.
On July 16, 2025, a threat actor accessed a third-party CRM system using social engineering, compromising the data of customers, financial professionals, and some employees.
The Insurance firm stated that it took immediate action to contain and mitigate the incident and notified the FBI. The company emphasized that, so far, there is no evidence that its internal network or critical systems, including its policy administration system, were accessed. The investigation is still ongoing, and Allianz Life has begun notifying affected individuals, offering dedicated support.
Although Allianz Life declined to name the threat actor behind the attack, but Bleeping Computer first reported that the breach is believed to be linked to the ShinyHunters group.
ShinyHunters is a popular hacking crew that is known to have offered for sale data stolen from tens of major organizations, including Tokopedia, Homechef, Chatbooks.com, Microsoft, Santander, Ticketmaster, and AT&T.
In August, ShinyHunters and other hacking crews (“Scattered Spider” and “Lapsus$“) formed a Telegram channel “ScatteredLapsuSp1d3rHunters” to claim credit and taunt over major breaches, including Allianz Life’s leaked Salesforce data.
Threat actors claimed responsibility for the Allianz Life attack and leaked complete databases stolen from the company’s Salesforce instances. The leaked files include Salesforce “Accounts” and “Contacts” tables, containing about 2.8 million records of individual customers and business partners. The exposed data includes sensitive personal details such as names, addresses, phone numbers, birth dates, and Tax IDs, alongside professional info like licenses, firm affiliations, product approvals, and marketing classifications.
In a new notice of a security incident, Allianz Life confirmed that the security breach impacted its North America branch.
According to the notice shared with the Maine Attorney General’s Office, the total number of persons affected is 1,497,036.
Allianz Life is now offering 2 years of free Kroll Identity Monitoring to detect misuse of personal data and provide identity theft protection without affecting credit scores.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)
