Allianz Life insurance just admitted to a big data breach. If you are one of their 1.4 million U.S. customers, your personal info might’ve been stolen.
What actually happened?
On July 16, a hacker tricked their way into a cloud system used by Allianz Life. not the company’s main servers, but a third-party CRM (that’s customer relationship management software). the next day, allianz noticed something was wrong. they shut things down fast and called the FBI.
The hacker did not gain access to Allianz Life’s core network. Their internal security policy systems weren’t touched. but still, the CRM had a lot of sensitive info like names, phone numbers, probably addresses and birth dates too.
How Did The Hackers get in?
Social engineering. It wasn’t a brute-force attack, a zero-day or a fancy malware. Just old-school deception.
Social engineering is popular hacking method right now. Hacking groups like Scattered Spider and ShinyHunters have been pulling off similar attacks.
They call employees pretending to be it support. they ask them to install something—or give up passwords. that’s how they get in.
Who’s Behind This Attack?
We don’t know for sure. Some experts think it might be Scattered Spider or ShinyHunters . They have both done stuff like this before. In fact, ShinyHunters has been caught targeting companies using the popular SalesForce CRM.
How Bad Is It?
Pretty bad. Most of Allianz Life’s 1.4 million U.S. customers were affected. That includes financial professionals and even some employees.
Other parts of Allianz, the global parent company—weren’t impacted. this is just about the U.S. life insurance arm.
What’s Being Done for Affected People?
Allianz Life is giving anyone impacted two years of free credit monitoring and identity theft support. You should get a letter soon if your info was stolen.
