A globally recognized insurance firm has disclosed a significant cybersecurity incident that exposed the personal information of the majority of its 1.4 million customers, financial professionals, and some employees.
In a filing with the Maine attorney general’s office on Saturday, Allianz Life Insurance Company, a U.S.-based insurer revealed that the breach occurred on July 16, 2025, and was discovered the following day, July 17.
The company did not disclose the exact number of individuals affected.
According to Reuters report, Allianz Life said that the breach stemmed from unauthorized access to a third-party, cloud-based customer relationship management (CRM) system.
The hackers reportedly used a social engineering technique to infiltrate the system and extract sensitive personal data.
“On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based CRM system used by Allianz Life Insurance Company of North America (Allianz Life). The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life’s customers, financial professionals, and select Allianz Life employees,” a company spokesperson told Reuters via email.
The breach was first reported by TechCrunch.
Allianz Life has since notified federal authorities, including the FBI, and launched an internal investigation. The company said there is currently no indication that its core systems, including its policy administration platform or internal network, were compromised.
The insurer emphasized that the incident is isolated to Allianz Life and does not affect other Allianz entities globally.
[Source: Reuters]
