Overview

• Allianz Life finalized its investigation and reported 1,497,036 affected individuals, including customers, financial professionals, and select employees in the United States.
• Compromised information includes names, addresses, dates of birth, and Social Security numbers, according to notification letters.
• The breach occurred on July 16 after a threat actor used social engineering to access a third‑party, cloud‑based Salesforce CRM environment.
• The company has begun notifying impacted people, filed notices with U.S. authorities such as the Maine Attorney General, and is offering two years of Kroll identity monitoring with dedicated phone support.
• Media reports link the intrusion to a broader Salesforce‑targeted campaign involving Scattered Spider and ShinyHunters, though Allianz has not confirmed attribution, and multiple class‑action lawsuits are pending.