Allianz Life Insurance Company of North America confirmed a significant data breach on Saturday, revealing that hackers accessed personal information tied to a majority of its 1.4 million American customers, according to a report published by The Associated Press.
According to the company, the breach took place on July 16, when a “malicious threat actor” infiltrated a third-party, cloud-based platform used by Allianz Life.
“The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life’s customers, financial professionals, and select Allianz Life employees, using a social engineering technique,” the company said in a statement, according to AP.
Notably, Allianz Life underlined that its own internal systems were not compromised, only the third-party platform.
FBI Notified, Investigation Underway
Allianz Life, a US subsidiary of Munich-based Allianz SE, further said that the firm took immediate steps to contain and mitigate the breach and has notified the FBI. The company has also said it had alerted other relevant authorities, including the Maine Attorney General’s Office, as reported by the AP.
According to the report, a filing on the Maine AG’s website indicates that Allianz discovered the breach on July 17, a day after it happened. The company has now offered 24 months of identity theft protection and credit monitoring to affected individuals.
Social Engineering Behind the Attack
Spokesperson Brett Weinberg confirmed the hackers used a social engineering technique – a method of manipulating people into revealing confidential information.
What Is Allianz Life?
Allianz Life, formerly known as North American Life and Casualty, became part of Allianz SE in 1979. Headquartered in Minneapolis, the company employs nearly 2,000 people, most of them based in Minnesota. It is one of five North American subsidiaries of the global financial giant, which serves over 125 million customers worldwide.
