Overview
- Attackers used social engineering on July 16 to breach a third-party cloud CRM, obtaining personally identifiable information for the majority of Allianz Life’s 1.4 million customers, financial professionals and select employees.
- The intrusion was detected the next day, prompting immediate FBI notification and a mandatory breach notice filed with Maine’s attorney general.
- Forensics to date show no evidence of further system compromise within Allianz Life’s internal network or policy administration system.
- Allianz Life has not linked the incident to any specific hacking group as its investigation remains ongoing.
- Breach filings with Maine’s attorney general triggered public disclosures under state data-breach law, aligning with U.S. regulatory requirements.