U.S. insurance giant Allianz Life has confirmed that hackers stole the personal information of the majority of its customers, financial professionals, and employees during a data breach in mid-July.
Allianz Life spokesperson Brett Weinberg stated that on July 16, 2025, a malicious threat actor accessed a third-party, cloud-based customer relationship management (CRM) system. The attacker obtained personally identifiable data using social engineering techniques.
The company disclosed the breach in a legally required filing with Maine’s attorney general but did not immediately specify how many customers were affected. Allianz Life has 1.4 million customers, while its parent company, Allianz, serves over 125 million worldwide.
Allianz Life reported the incident to the FBI and stated there was no evidence of further network compromise. The company declined to confirm whether it received any communication from the hackers or attribute the breach to a specific hacking group.
This incident follows a recent wave of cyberattacks targeting the insurance industry, including Aflac, a major supplementary health insurance provider. Security researchers at Google noted in June that multiple intrusions in the sector were linked to Scattered Spider, a hacking collective known for social engineering tactics.
Scattered Spider has previously targeted the U.K. retail industry, aviation, transportation sectors, and Silicon Valley tech companies.
According to the Maine filing, Allianz plans to begin notifying affected individuals around August 1.