A cyber-attack on Allianz Life in July has exposed the personal information of about 1.1 million customers, according to new data byHave I Been Pwned.
The breach targeted a cloud-based customer relationship management (CRM) system and is part of a larger campaign against companies using Salesforce-hosted databases.
Allianz Life, a US subsidiary of German insurer Allianz SE, said hackers accessed data from “the majority”of its 1.4 million customers, financial professionals and employees. The company confirmed that attackers obtained personal details but did not provide specific figures at the time.
Have I Been Pwned reported that the breach includes:
-
Names
-
Dates of birth
-
Gender
-
Email addresses
-
Phone numbers
-
Home addresses
In state filings, Allianz also disclosed that Social Security numbers were taken.
“The stolen personal information of 1.1 million customers is significant,”said Jon Abbott, CEO of ThreatAware.
“The sensitive and valuable information held in CRM tools is exactly why it’s targeted by attackers. The data can be used by other cybercriminals for identity theft and phishing campaigns.”
Attack Linkedto ShinyHunters
Security researchers have tied the incident to ShinyHunters, a hacking group that has recently breached Salesforce systems at Google, Qantas, Workday and several retail brands. The group is known for social engineering tactics that trick employees into providing unauthorized access.
“Groups such as ShinyHunters rely on fast-moving social engineering tactics – this typically involves calling and emailing employees of the victim organization and attempting to extort them,”Abbott said.
“If this does not work, they then launch a leak site with the aim of pressuring victims into payment.”
Investigations suggest the attackers used malicious OAuth applications to infiltrate Salesforce instances, then downloaded company databases. In Allianz’s case, leaked files reportedly contain millions of records tied not only to policyholders but also to advisors and partner firms.
Company Response and Broader Impact
Allianz Life has not yet commented on the new findings, citing an ongoing investigation. However, the company said it will provide two years of identity monitoring services to affected individuals.
Abbott added: “This pattern in their [ShinyHunters] attacks is why the security fundamentals are so important. Accurate asset inventories, tamper-proof identity verification and hardened service desk processes are all essential.”
The Allianz Life breach follows a series of high-profile incidents this year, highlighting concerns about the security of cloud-based systems widely used across the financial and technology sectors.
Imagecredit: Kittyfly / Shutterstock.com