Allianz Life Insurance Company has confirmed that a data breach has exposed the personal information of the majority of its 1.4 million customers. The breach occurred on July 16, 2025, when a malicious threat actor gained access to a third-party cloud-based CRM system used by the company. According to a spokesperson for Allianz Life, the attacker employed social engineering techniques to obtain personally identifiable data related to customers, financial professionals, and select employees of Allianz Life.
The company took immediate steps to contain the breach and reported the incident to the FBI. Preliminary investigations indicate that the Allianz Life network and other company systems were not compromised, including their policy administration system. Ongoing investigations are in progress, and efforts are underway to notify affected individuals with dedicated resources for assistance.
The breach was first reported in a mandatory filing with Maine’s Attorney General’s Office on the Saturday following the incident. A placeholder notification indicated that a consumer notice would be provided once affected individuals had been identified.
While Allianz Life did not disclose further details about the threat actor, sources indicate that the attack was likely linked to the ShinyHunters extortion group, notorious for similar high-profile breaches, including attacks on PowerSchool and Santander. ShinyHunters has a recent history of targeting Salesforce CRM customers and is linked to a series of extortion attacks involving social engineering.
In light of this incident, Mandiant previously warned that the ShinyHunters group had started to focus on Salesforce users, where hackers impersonate IT personnel to gain unauthorized access to sensitive data. Allianz Life’s spokesperson has yet to confirm whether the targeted CRM platform was Salesforce, focusing instead on the ongoing investigation.