Hackers who breached U.S. insurance giant Allianz Life earlier this month stole reams of customer Social Security numbers, according to notifications filed with several U.S. states and seen by TechCrunch.
Allianz Life disclosed the July 16 breach this past weekend, confirming to TechCrunch the unidentified hackers stole the personally identifiable information belonging to the “majority” of its 1.4 million customers, as well as financial professionals and some Allianz Life employees.
The company said its customer relationship database was compromised in a social engineering attack, a ploy in which malicious hackers use deception tricks, such as impersonating an employee claiming to have lost their password, to convince helpdesks into granting them access to a system or network.
In a new filing with the Texas attorney general, Allianz Life said the hackers stole names, dates of birth, postal addresses, and Social Security numbers from its database. A separate filing with the Massachusetts attorney general’s office also confirmed Social Security numbers were taken in the breach.
When reached by email, Allianz Life spokesperson Brett Weinberg said that the company is aware of the types of personal data that was stolen in the breach, but declined to share this information with TechCrunch.
The spokesperson said Allianz Life is expected to begin notifying affected individuals by August 1.
“The letters will offer specific information relevant to impacted individuals including the type of data that may have been affected,” the spokesperson added.
Allianz Life is the latest insurance company, including Aflac and Erie, in recent weeks to have been breached, as multiple hacking groups known for social engineering attacks ramp up their cyberattacks.
Do you know more about the Allianz Life cyberattack? Are you an affected customer or employee? Securely contact this reporter via encrypted message at zackwhittaker.1337 on Signal.
Updated with additional comment from Allianz Life.
