Allianz Life Insurance Company of North America has confirmed that hackers accessed the personal data of most of its 1.4 million customers in the United States. The breach, discovered on 17 July, was traced back to an incident the previous day.
The data was compromised after a threat actor infiltrated a third-party cloud-based customer relationship management (CRM) system. The breach also affected financial professionals and a number of company employees.
In a statement provided to Bloomberg, Allianz Life said, “The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life’s customers, financial professionals, and select Allianz Life employees, using a social engineering technique.”
Brett Weinberg, a spokesperson for Allianz Life, confirmed the nature of the breach in an emailed statement to Reuters, “On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based CRM system used by Allianz Life Insurance Company of North America (Allianz Life).”
He added that the company was still investigating and unable to provide further technical details at this stage.
Allianz Life reiterated that its core network and policy administration systems were untouched. The breach only affected data stored with the external vendor.
Alongside federal law enforcement, Allianz Life also reported the breach to the Maine Attorney General’s Office and several other U.S. authorities, in accordance with state-level data breach laws. The filing noted that the company discovered the incident the day after it happened and would offer 24 months of identity theft protection and credit monitoring to those affected.
Notifications to impacted individuals are expected to begin around 1 August.
Based in Minneapolis, Allianz Life is one of five North American subsidiaries of the German financial services company Allianz SE, headquartered in Munich. Allianz SE serves over 125 million customers globally. Allianz Life itself has close to 2,000 employees in the United States, most of them in Minnesota.
Previously known as North American Life and Casualty, the company was acquired by Allianz SE in 1979 and renamed Allianz Life Insurance Company of North America.
Google security researchers recently pointed to a group known as Scattered Spider as being active across the insurance sector. These hackers are known to rely heavily on social engineering, including impersonating employees or IT staff over the phone to gain access.
Scattered Spider has also been linked to earlier attacks on UK retailers, aviation firms, transport services and U.S. tech companies. However, Allianz Life has not confirmed if this group is behind the breach. The company declined to say whether it had received any communication from the attackers, including ransom demands.
Allianz Life has made clear that its investigation is not yet complete. Spokesperson Brett Weinberg said the company was still working to determine the full scope of the breach and declined to release further technical information.
For now, affected individuals are being notified, and protective measures are being rolled out. The company continues to coordinate with authorities to understand how the breach occurred and whether any further systems might be at risk.
The data was compromised after a threat actor infiltrated a third-party cloud-based customer relationship management (CRM) system. The breach also affected financial professionals and a number of company employees.
In a statement provided to Bloomberg, Allianz Life said, “The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life’s customers, financial professionals, and select Allianz Life employees, using a social engineering technique.”
A social engineering breach, not a system failure
The attackers did not break through Allianz’s internal systems. Instead, they used a form of deception known as social engineering to trick their way into the third-party platform. These tactics often involve impersonation or manipulation to gain access.Brett Weinberg, a spokesperson for Allianz Life, confirmed the nature of the breach in an emailed statement to Reuters, “On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based CRM system used by Allianz Life Insurance Company of North America (Allianz Life).”
He added that the company was still investigating and unable to provide further technical details at this stage.
Allianz Life reiterated that its core network and policy administration systems were untouched. The breach only affected data stored with the external vendor.
FBI and regulators notified
The company acted quickly after discovering the breach. “We took immediate action to contain and mitigate the issue and notified the FBI,” Allianz Life stated.Alongside federal law enforcement, Allianz Life also reported the breach to the Maine Attorney General’s Office and several other U.S. authorities, in accordance with state-level data breach laws. The filing noted that the company discovered the incident the day after it happened and would offer 24 months of identity theft protection and credit monitoring to those affected.
Notifications to impacted individuals are expected to begin around 1 August.
Allianz says only US operations affected
This breach impacts only Allianz Life’s U.S. operations. It does not involve any other part of the wider Allianz Group.Based in Minneapolis, Allianz Life is one of five North American subsidiaries of the German financial services company Allianz SE, headquartered in Munich. Allianz SE serves over 125 million customers globally. Allianz Life itself has close to 2,000 employees in the United States, most of them in Minnesota.
Previously known as North American Life and Casualty, the company was acquired by Allianz SE in 1979 and renamed Allianz Life Insurance Company of North America.
Wider cyber attacks in insurance sector
The Allianz breach is one of several recent cyber attacks targeting the insurance industry. Others, including Aflac, have also reported security incidents in the past month.Google security researchers recently pointed to a group known as Scattered Spider as being active across the insurance sector. These hackers are known to rely heavily on social engineering, including impersonating employees or IT staff over the phone to gain access.
Scattered Spider has also been linked to earlier attacks on UK retailers, aviation firms, transport services and U.S. tech companies. However, Allianz Life has not confirmed if this group is behind the breach. The company declined to say whether it had received any communication from the attackers, including ransom demands.
Allianz Life has made clear that its investigation is not yet complete. Spokesperson Brett Weinberg said the company was still working to determine the full scope of the breach and declined to release further technical information.
For now, affected individuals are being notified, and protective measures are being rolled out. The company continues to coordinate with authorities to understand how the breach occurred and whether any further systems might be at risk.
