Cyber Incident Victim: Allianz Life Insurance Company of North America
Date:
Jul 2025
Location:
United States of America
Summary
Allianz Life Insurance Company of North America experienced an external breach of a third‑party cloud‑based CRM system accessed through social engineering, resulting in the theft of personal information belonging to the majority of its customers, financial professionals, and select employees. The company reported the incident to the FBI, found no evidence of additional system compromise, and began notifying affected individuals via written notice while offering 24 months of identity‑theft restoration and credit monitoring through Kroll.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 16, 2025 a malicious threat actor gained access to a third‑party, cloud‑based customer relationship management system used by Allianz Life Insurance Company of North America, an external system breach described as hacking. The breach was discovered the following day, July 17, 2025. Allianz Life notified the Federal Bureau of Investigation about the incident. The company filed a legally required notice with the Maine Attorney General’s office on Saturday, July 26, 2025, and indicated that it would begin notifying affected individuals around August 1. Written consumer notifications were sent on August 1, 2025, and Allianz Life offered affected persons 24 months of identity theft restoration and credit monitoring services through Kroll. The insurer reported that it has approximately 1.4 million customers, while its parent company Allianz serves more than 125 million customers worldwide.
The threat actor obtained personally identifiable data related to the majority of Allianz Life’s customers, financial professionals, and select employees by using a social engineering technique against the CRM database. The total number of persons affected and the number of Maine residents impacted were not disclosed in the filing. Allianz Life stated that it had no evidence that any other systems on its network were compromised. The company did not disclose whether it had received any communication from the attackers, such as a ransom note, and it did not attribute the breach to a specific hacking group. The incident occurred amid a broader wave of data breaches targeting the insurance sector, with Allianz Life cited as the latest company affected alongside entities such as Aflac. Security researchers at Google noted in June 2025 that they were aware of multiple intrusions across the insurance industry attributed to the Scattered Spider collective, which relies on social engineering methods.
In response to the breach Allianz Life engaged outside counsel, submitted the Maine filing, and provided the written notice and identity theft protection services to affected individuals. The insurer emphasized that the breach was limited to the third‑party CRM system and that it had not found evidence of further network compromise. No additional details about containment, remediation, or ongoing investigation were provided in the available sources. The notification and protection measures were communicated directly to consumers as part of the company’s response to the incident.