Allianz Life Data Breach: Customer Data Stolen in Cyberattack

Allianz Life Confirms Major Data Breach

Allianz Life, a prominent U.S. insurance provider, has verified to TechCrunch that a data breach in mid-July resulted in the theft of personal information belonging to the vast majority of its clientele, financial professionals, and staff.

Breach Details and Confirmation

Brett Weinberg, a spokesperson for Allianz Life, confirmed the incident when contacted by TechCrunch. The unauthorized access occurred on July 16, 2025.

The compromised system was a third-party, cloud-based CRM (customer relationship management) system utilized by Allianz Life. This database contained information pertaining to its customer base.

According to the spokesperson, the threat actor employed a social engineering technique to obtain personally identifiable data. This affected the majority of Allianz Life’s customers, financial professionals, and a selection of its employees.

Disclosure and Scale of Impact

Allianz Life disclosed the breach on Saturday through a legally mandated filing with the attorney general of Maine. Initially, the company did not specify the exact number of affected customers.

The spokesperson later indicated that Allianz Life serves approximately 1.4 million customers. Its parent company, Allianz, boasts a global customer base exceeding 125 million.

Investigation and Containment

Allianz Life has reported the incident to the FBI and currently has no indication that other systems within its network were compromised.

Ransomware and Attribution

The insurance company declined to comment on whether any communication, such as a ransom demand, was received from the attackers.

Furthermore, Allianz Life has not yet attributed the breach to a specific hacking group.

Industry-Wide Trend and Scattered Spider

Allianz Life is the latest in a series of companies within the insurance sector to experience a data breach in recent weeks. Aflac, a leading supplementary health insurance provider, was also targeted.

Google security researchers reported in June that they were tracking multiple intrusions across the insurance industry. These intrusions are believed to be the work of Scattered Spider, a hacking collective known for utilizing social engineering tactics.

These tactics involve deceptive phone calls and manipulation of help desks to gain unauthorized network access.

Past Activities of Scattered Spider

Prior to focusing on insurance companies, Scattered Spider had targeted the retail sector in the U.K., as well as the aviation and transportation industries.

The group has a history of successful attacks against major technology companies in Silicon Valley.

Notification Timeline

As per the Maine filing, Allianz Life intends to commence notifying affected individuals around August 1.

Do you possess further information regarding the Allianz Life cyberattack? Are you a customer or employee impacted by this event? Please contact this reporter securely via encrypted message on Signal at zackwhittaker.1337.