Insurance giant Allianz Life is investigating a breach that has reportedly seen the data of most of its North American customers stolen.
Allianz Life, a subsidiary of Germany-based financial services firm Allianz SE, sells annuities and life insurance and has around 1.4 million customers in the North America region.
The hackers are believed to have accessed personally identifiable data related to the majority of these customers, along with the data of financial professionals and some Allianz Life employees.
Customer data from other geographical regions is believed to be unaffected, and the company's core network and policy administration systems don't appear to have been accessed.
According to a filing with the attorney general in Maine, the attack took place on July 16 and was discovered a day later. Allianz Life said it would provide a full consumer notice once it has finished identifying and contacting the individuals who have been affected.
The company also stated that it has notified the FBI, and said that affected individuals will be given 24 months of credit monitoring and identity theft protection.
Who’s behind the Allianz Life breach?
The attack is believed to have taken place through a third-party provider, with the company telling TechCrunch that this was a cloud-based customer relationship management (CRM) system.
Similarly, the breach is believed to have been carried out via a social engineering attack.
Tarun Desikan, zero trust evangelist and EVP of cloud edge security at leading cybersecurity firm SonicWall, said the incident once again highlights long-running problems with social engineering and identity management.
“While multi-factor authentication is critical, it’s not bulletproof. Attackers now bypass MFA with sophisticated social engineering techniques," said Desikan
"Attack vectors are constantly evolving and cyber criminals are relentless in developing new tactics, techniques, and procedures. This necessitates a proactive and flexible approach to cybersecurity, which includes adopting protocols and security architectures like Zero Trust.”
According to BleepingComputer, the attack may have been carried out by the ShinyHunters threat group. The claims follow a warning last month from Mandiant that the group had started to target Salesforce CRM customers in social engineering attacks.
The hackers were reported to be impersonating IT support staff and asking employees to accept a connection to Salesforce Data Loader, which they are then using to exfiltrate data from Salesforce and extort the company.
ShinyHunters, which first emerged in 2020, does have a track record of similar attacks, and has targeted dozens of major organizations, including Microsoft, Santander, Ticketmaster, Tokopedia and AT&T.
In the case of AT&T, the data of 110 million users was accessed, with AT&T reportedly paying a $370,000 ransom.
ITPro has approached Allianz Life for clarification.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
Trump's AI executive order could leave US in a 'regulatory vacuum'News Citing a "patchwork of 50 different regulatory regimes" and "ideological bias", President Trump wants rules to be set at a federal level
-
TPUs: Google's home advantageITPro Podcast How does TPU v7 stack up against Nvidia's latest chips – and can Google scale AI using only its own supply?
-
LastPass hit with ICO fine after 2022 data breach exposed 1.6 million users – here’s how the incident unfoldedNews The impact of the LastPass breach was felt by customers as late as December 2024
-
Researchers claim Salt Typhoon masterminds learned their trade at Cisco Network AcademyNews The Salt Typhoon hacker group has targeted telecoms operators and US National Guard networks in recent years
-
Trend Micro issues warning over rise of 'vibe crime' as cyber criminals turn to agentic AI to automate attacksNews Trend Micro is warning of a boom in 'vibe crime' - the use of agentic AI to support fully-automated cyber criminal operations and accelerate attacks.
-
Cyber budget cuts are slowing down, but that doesn't mean there's light on the horizon for security teamsNews A new ISC2 survey indicates that both layoffs and budget cuts are on the decline
-
NCSC issues urgent warning over growing AI prompt injection risks – here’s what you need to knowNews Many organizations see prompt injection as just another version of SQL injection - but this is a mistake
-
Chinese hackers are using ‘stealthy and resilient’ Brickstorm malware to target VMware servers and hide in networks for months at a timeNews Organizations, particularly in the critical infrastructure, government services, and facilities and IT sectors, need to be wary of Brickstorm
-
AWS CISO Amy Herzog thinks AI agents will be a ‘boon’ for cyber professionals — and teams at Amazon are already seeing huge gainsNews AWS CISO Amy Herzog thinks AI agents will be a ‘boon’ for cyber professionals, and the company has already unlocked significant benefits from the technology internally.
-
The Scattered Lapsus$ Hunters group is targeting Zendesk customers – here’s what you need to knowNews The group appears to be infecting support and help-desk personnel with remote access trojans and other forms of malware
