Allianz Life Data Breach: 1.1 Million Customers Affected
Allianz Life Data Breach Impacts 1.1 Million Customers
A significant data security incident at Allianz Life, a major U.S. insurance provider, resulted in the compromise of personal data belonging to 1.1 million individuals. This information was exposed as a result of a July cyberattack, as reported by the data breach notification platform, Have I Been Pwned.
Details of the Breach
Allianz Life initially revealed the breach in late July, acknowledging that unauthorized access was gained to a customer relationship database stored in the cloud. The company confirmed that the personal information of the vast majority of its 1.4 million customers, along with data pertaining to its employees, was potentially accessed. However, Allianz has not yet provided a precise count of those affected.
According to Have I Been Pwned, the compromised data includes customers’ names, gender, date of birth, email addresses, home addresses, and phone numbers. This data was hosted on a database managed by Salesforce, a leading cloud computing company.
Further Information Disclosed
Subsequent notifications to the states of Texas and Massachusetts revealed that Social Security numbers were also stolen during the breach.
Brett Weinberg, representing Allianz Life, stated that the company is unable to provide further comment at this time due to the ongoing nature of the investigation.
The ShinyHunters Group
Allianz Life is among a growing number of large organizations that have recently been targeted by a hacking group known as ShinyHunters. This group is recognized for its proficiency in social engineering, a technique used to manipulate employees into granting unauthorized database access.
Other companies impacted by similar incidents linked to Salesforce-hosted data include Google, Cisco, Qantas, Pandora, and Workday.
Extortion Tactics and Group Affiliations
The ShinyHunters gang is reportedly developing a data leak site. This platform will be used to attempt to extort money from victims in exchange for the deletion of stolen data, a common practice among ransomware operations.
Intelligence suggests that this group has connections to other cybercriminal organizations, such as Scattered Spider and The Com. These groups are known for employing a range of illicit tactics, including hacking, extortion, and even threats of violence to infiltrate networks.
Your feedback is valuable! Help us improve TechCrunch’s coverage and events by completing this survey for a chance to win a prize.
Related Posts
Coupang CEO Resigns After Data Breach | South Korea
Petco Vetco Data Breach: Customer Information Exposed
FTC Upholds Ban on Stalkerware Founder Scott Zuckerman
Google Details Chrome Security for Agentic Features
Petco Data Breach: SSNs, Driver's Licenses Exposed
