Major U.S. insurance provider Allianz Life Insurance Company confirmed on Saturday that hackers compromised the personal information of the “majority” of its 1.4 million customers following a sophisticated cyberattack on July 16, 2025. According to company spokesperson Brett Weinberg, the attackers employed social engineering techniques to gain unauthorized access to personally identifiable information belonging to customers, financial professionals, and select Allianz Life employees. Security researchers at Google have identified breaches in the insurance industry by Scattered Spider, a notorious hacking collective known for sophisticated social engineering campaigns. The company emphasized that its investigation found “no evidence” that other systems on its network were compromised, including the critical policy administration system with Maine’s attorney general. Allianz Life, a subsidiary of German financial giant Allianz SE, provides annuities and life insurance products across all U.S. states except New York. Under Maine’s data breach notification law, Allianz Life must notify affected individuals within 30 days of discovering the breach’s scope. This incident underscores the critical need for enhanced cybersecurity measures across the insurance industry, particularly given insurers’ vast repositories of sensitive customer data. The investigation remains ongoing, with Allianz Life working closely with federal authorities to determine the full extent of the breach and prevent future incidents. The group’s tactics typically involve calling company help desks, impersonating employees, and manipulating staff into resetting passwords or providing system access.
This Cyber News was published on cybersecuritynews.com. Publication date: Sun, 27 Jul 2025 03:25:13 +0000