• Allianz Life confirms losing sensitive data on the “majority” of its customers
  • Around 1.4 million people could be at risk, it admits
  • ShinyHunters is the prime suspect at the moment

Insurance giant Allianz Life has confirmed suffering a cyberattack which saw it lose sensitive data on the “majority” of its customers, with over a million people at risk.

The North American insurance giant said the attack happened on July 16, 2025, when a threat actor accessed a third-party, cloud-based CRM system the company uses.

After finding out about the intrusion, the company took measures to contain it, and notified the FBI. So far, there is no evidence the company’s network or other systems were accessed, it was added.

ShinyHunters strike again?

“The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life’s customers, financial professionals, and select Allianz Life employees, using a social engineering technique,” a company spokesperson explained.

“Our investigation is ongoing and we began the process of reaching out to individuals impacted with dedicated resources to assist them. This incident is related only to Allianz Life, which currently has 1.4 million customers.”

While Allianz Life did not discuss the identity and the motive of the attackers, BleepingComputer claims this was the work of ShinyHunters, a known threat actor with numerous successful breaches under its belt.

The group has been around since roughly 2020, and during that time, compromised a number of high-profile organizations, including Microsoft, Mashable, and Nitro PDF. It even claims to have breached AT&T, although the telco denied the breach ever happened.

Allianz Life (short for Allianz Life Insurance Company of North America) provides life insurance and annuity products across the United States.

It manages a portfolio exceeding $124 billion, primarily invested in high-quality securities, and has roughly 1.4 million customers. 

How to stay safe

The attack is particularly concerning as such records could contain more than enough of sensitive information for hackers to launch highly personalized, successful phishing campaigns, leading to identity theft, wire fraud, and even ransomware attacks.

If you’re concerned you may have been caught up in the incident, don’t worry – there are a number of methods to find out. HaveIBeenPwned? is probably the best resource only to check if your details have been affected, offering a run-down of every big cyber incident of the past few years.

And if you save passwords to a Google account, you can use Google’s Password Checkup tool to see if any have been compromised, or sign up for one of the best password manager options we’ve rounded up to make sure your logins are protected.

You might also like

Services MarketplaceListings, Bookings & Reviews

Entertainment blogs & Forums

Leave a Reply

dtf uv printers.