Allianz Life Breach Tied to CRM Compromise

Attackers Stole US Customer Data Using Social Engineering Prajeet Nair (@prajeetspeaks) , David Perera (@daveperera) • July 28, 2025

A malicious actor breached a customer relationship management platform used by Allianz Life Insurance of North America on July 16 and stole personally identifiable information of most of its 1.4 million U.S. customers, financial professionals and some employees, the company said.

Company spokesperson Brett Weinberg said the hacker gained access "using a social engineering technique." The insurer did not disclose the CRM in question nor the name of the hacker. Bleeping Computer attributed the attack to the ShinyHunters extortion group.

ShinyHunters is a loose group of attackers that has existed since 2020 and been involved in a slew of high-profile incidents, including the theft of terabytes of data from clients of cloud-based data warehousing platform Snowflake. French police in June reportedly arrested five suspected hackers accused of being administrators ...