Allianz Life Insurance Company of North America has confirmed a significant data breach that compromised the personal information of a majority of its 1.4 million U.S. customers. The breach, discovered in mid-July, involved sensitive data including names, addresses, dates of birth, and Social Security numbers.
According to a statement issued by parent company Allianz SE to the BBC, the incident occurred on July 16, 2025, when hackers exploited a third-party, cloud-based customer relationship management (CRM) system used by Allianz Life.
The attackers gained access through a social engineering attack, an increasingly common tactic in which cybercriminals manipulate employees into providing access credentials or system entry.
The breach was limited to Allianz Life’s North American operations and did not impact the wider global operations of Allianz SE, which serves over 125 million customers worldwide.
The company stressed that there is no evidence suggesting the intrusion affected its core network or internal policy systems.
While the precise number of affected individuals was not confirmed in the company's legal filing with the Maine Attorney General’s office, estimates suggest that nearly all of Allianz Life’s American customer base may have been impacted.
Following the discovery of the breach on July 17, Allianz Life said it took swift action to contain the incident, informed the FBI, and engaged cybersecurity experts to investigate and reinforce system security.
The company began notifying affected individuals on August 1 and is offering free identity monitoring services.
There is currently no indication that the stolen data has been publicly leaked or posted to the dark web. However, cybersecurity analysts warn that stolen information of this nature may be sold or used in identity theft schemes over time.
Notably, the hackers did not demand a ransom, and Allianz has not attributed the attack to any particular group. The company has not ruled out the possibility that the attackers may have targeted specific individuals or demographics within its customer base.
This incident is part of a wider trend, with other major insurers including Aflac and Erie Insurance, also facing cyberattacks in recent months.
The growing prevalence of data breaches highlights the need for more robust digital defences, particularly in industries handling sensitive financial and personal data.
Consumers are advised to remain vigilant, use strong passwords, enable two-factor authentication (2FA), and monitor their credit and financial accounts for any suspicious activity.
