A recent cyberattack against Allianz Life has exposed the personal data of approximately 1.1 million customers, according to new information from Have I Been Pwned.

The breach, which occurred in July, targeted a cloud-based customer relationship management (CRM) system and is part of a broader campaign aimed at organizations leveraging Salesforce-hosted databases.

Allianz Life, the U.S. subsidiary of German insurer Allianz SE, confirmed that attackers accessed information from a majority of its 1.4 million customers, financial advisors, and employees. While the company did not initially disclose the scope, filings later revealed that the compromised data includes:

• Full names
• Dates of birth
• Gender
• Email addresses
• Phone numbers
• Residential addresses
• Social Security numbers (in certain cases)

According to Jon Abbott, CEO of ThreatAware:

“The theft of personal data from over a million customers is significant. CRM platforms store highly sensitive information, which makes them prime targets for attackers. This data can easily fuel identity theft and phishing campaigns.”

Link to ShinyHunters Campaign

Security researchers have attributed the incident to ShinyHunters, a well-known cybercriminal group responsible for recent intrusions into Salesforce systems at companies like Google, Qantas, Workday, and several global retailers. The group frequently uses social engineering tactics to trick employees into granting unauthorized access.

Abbott explained:

“Groups like ShinyHunters often move quickly, contacting employees by phone or email to gain access or extort organizations. If unsuccessful, they escalate by leaking stolen data publicly to pressure victims into compliance.”

Investigations suggest that the attackers exploited malicious OAuth applications to infiltrate Salesforce instances, enabling them to download extensive customer and partner databases. In Allianz’s case, millions of records were reportedly exposed, affecting policyholders, advisors, and partner firms alike.

Company Response and Industry Implications

Allianz Life has not publicly addressed the latest findings, citing an ongoing investigation, but confirmed that it will offer two years of identity monitoring services to impacted individuals.

Abbott emphasized the importance of strengthening cybersecurity foundations:

“Incidents like this underline the need for accurate asset inventories, tamper-proof identity verification, and resilient service desk processes. Without these basics, organizations remain highly vulnerable.”

The Allianz Life breach adds to a growing list of high-profile cyber incidents this year, underscoring the risks associated with cloud-based platforms widely adopted across the financial and technology sectors.

Source: https://www.infosecurity-magazine.com/news/allianz-life-breach-exposes