Hackers gained access to personal data on the majority of the 1.4 million customers of Allianz Life Insurance Company of North America. The data breach occurred on July 16 when a malicious threat actor gained access to a third-party, cloud-based system used by the company. The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life's customers, financial professionals, and select Allianz Life employees, using a social engineering technique. The company took immediate action to contain and mitigate the issue and notified the FBI. Allianz Life's own systems were not accessed, just the third-party's platform. The company has begun reaching out to the impacted individuals and will be offering those affected 24 months of identity theft protection and credit monitoring.
Source: https://www.cbsnews.com/news/allianz-life-insurance-data-breach/
TPRM report: https://scoringcyber.rankiteo.com/company/allianz-life
"id": "all548072725",
"linkid": "allianz-life",
"type": "Breach",
"date": "7/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Majority of 1.4 million '
'customers',
'industry': 'Insurance',
'location': 'Minneapolis, Minnesota, USA',
'name': 'Allianz Life Insurance Company of North '
'America',
'size': 'Nearly 2,000 employees',
'type': 'Insurance Company'}],
'attack_vector': 'Social Engineering',
'customer_advisories': True,
'data_breach': {'number_of_records_exposed': 'Majority of 1.4 million '
'customers',
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information']},
'date_detected': '2023-07-17',
'date_publicly_disclosed': '2023-07-22',
'description': 'Hackers gained access to personal data on the majority of the '
'1.4 million customers of Allianz Life Insurance Company of '
'North America through a third-party, cloud-based system using '
'a social engineering technique.',
'impact': {'data_compromised': ['Personally Identifiable Information'],
'identity_theft_risk': True,
'systems_affected': ['Third-party Cloud-based System']},
'initial_access_broker': {'entry_point': 'Third-party Cloud-based System'},
'investigation_status': 'Ongoing',
'references': [{'date_accessed': '2023-07-22', 'source': 'Company Statement'}],
'regulatory_compliance': {'regulatory_notifications': ['Maine Attorney '
"General's Office"]},
'response': {'communication_strategy': ['Notifying impacted individuals'],
'containment_measures': ['Immediate action to contain and '
'mitigate the issue'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'recovery_measures': ['Offering 24 months of identity theft '
'protection and credit monitoring']},
'threat_actor': 'Malicious Threat Actor',
'title': 'Allianz Life Data Breach',
'type': 'Data Breach'}