US insurance giant Allianz Life announced on July 26 that hackers had stolen the personal information of many of its customers, financial professionals, and select Allianz Life employees in the United States. The insurance giant's filing with Maine's attorney general did not immediately provide the number of customers affected. According to the filing, the data breach, which the company described as a hack, occurred on July 16 and was discovered on July 17.
TechCrunch first reported the data breach. "On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based CRM system used by Allianz Life Insurance Company of North America (Allianz Life). The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life’s customers, financial professionals, and select Allianz Life employees, using a social engineering technique," a spokesperson for Allianz Life told media sources in an emailed statement. This incident is related only to Allianz Life in the US, which currently has 1.4 million customers, the company said.[1]
The breach prompted Allianz Life to initiate an immediate incident response, including engaging cybersecurity experts to assess the scope and impact of the attack. Efforts focused on securing the compromised CRM platform, monitoring for further unauthorized activity, and enhancing protections against social engineering tactics that could be used in future attempts. Customers and affected parties were advised to remain vigilant, monitor their accounts for suspicious activity, and follow guidance provided by Allianz Life and relevant authorities.
Allianz Life, a major player within the U.S. insurance and finance sector, is part of the global Allianz Group, which operates in more than 70 countries and serves millions of customers worldwide. Known for its life insurance, annuities, and retirement solutions, Allianz Life has built a reputation for trust and reliability, making this recent cyberattack especially significant for both the company and its policyholders. The incident has highlighted the risks even industry leaders face in an evolving digital landscape, as well as the importance of robust cybersecurity strategies and rapid response measures to protect sensitive data and maintain customer confidence.
The insurance company stated that it notified the FBI and, based on its ongoing investigation, there is no evidence that the Allianz Life network or other company systems were accessed, including their policy administration system.
This article is shared with permission at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please contact the office directly at 1-844-492-7225 or feedback@redskyalliance.com
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://www.usnews.com/news/us/articles/2025-07-26/allianz-life-says-majority-of-us-customers-data-stolen-in-hack
Comments