Hackers have compromised the personal information of the majority of Allianz Life’s 1.4 million clients, the US subsidiary of German insurance giant Allianz confirmed on Sunday.
The company revealed that a cyberattack on 16 July 2025 allowed unauthorised access to a third-party, cloud-based customer relationship management (CRM) platform used by Allianz Life Insurance Company of North America.
In a statement shared with AFP, the insurer explained that the breach was the result of a social engineering attack—a method in which cybercriminals manipulate individuals into divulging confidential data by posing as trusted figures or company representatives.
The intrusion led to the theft of personally identifiable information (PII) affecting not only most Allianz Life customers but also financial professionals and some employees. The exact nature of the stolen data has not been detailed publicly.
Allianz said it acted immediately to contain the breach and limit further exposure. “We took swift measures to mitigate the issue and have informed the FBI,” the statement read.
The company added that its internal systems were not affected, according to current findings. It has now begun notifying those impacted and is offering dedicated support services to assist affected individuals.
This incident adds to the growing list of high-profile cyberattacks targeting financial and insurance institutions globally, underlining ongoing concerns about data security in the digital age.