The details of approximately 1.4 million customers from the USA have been exposed in the latest data breach of North America’s Allianz Life insurance company. Although Allianz Life has not confirmed the official number of affected individuals, the data breach appears to impact the majority of their American customers, estimated at around 1.4 million people from the USA. The cyber breach, discovered in July 2025, includes extremely sensitive information such as SSNs, names, and addresses. Even though the breach has been stopped, the details of those hundreds of thousands of people will remain in the hands of the hackers forever. 

Key takeaways

  • Allianz Life Insurance Company of North America has confirmed an external system breach affecting its customers.
  • The breach likely affects nearly one and a half million Americans, and consists of sensitive information such as names, addresses, and social security numbers 
  • The security issue has been patched, but the damage remains. Perpetrators did not ask for ransom, and their identities remain unknown.  
  • Allianz has begun notifying its customers.  
  • If you are among the affected, remain vigilant and take advantage of identity monitoring tools offered for free by the insurance giant.

Was Allianz Life hacked?

Yes, the North American part of the global insurance giant with over 125 million customers worldwide confirmed an external system breach. According to the data breach notification filed with the Maine Attorney General, the breach occurred on July 16. It was discovered a day later, on July 17, 2025. The insurance company immediately notified the FBI and consulted cybersecurity experts to help the IT department handle the threat.

Who is affected?

Luckily, there is no indication that all the 125+ million customers of the insurance company have been affected. However, personal information belonging to people located in North America has been exposed to hackers. The information includes both customers and employees of the insurance company. Although the exact number of affected customers is not confirmed, it is believed that almost one and a half million people have had their details compromised, and their sensitive info is now in the hands of the hackers.

You might be interested in: 15 Tips to Protect Personal Information Online for 2023

Has the issue been rectified, and are there any reports of misuse?

The security hole exploited by the hackers has been patched. And the stolen data has not yet publicly surfaced on the Dark Web. However, this does not mean that the stolen database is not already up for sale in private hacker forums, and/or hackers are not already using the stolen info to perform identity theft crimes. There are no official reports of misuse of the data yet.

How did the attack happen?

Information about the attack is limited. It is believed that hackers gained access to the insurance company’s network through a sophisticated social engineering attack. The bad actor successfully infiltrated the company’s cloud-based customer relationship management (CRM) system, gaining access to sensitive databases. 

Did the attackers ask for ransom?

No, they did not. The attackers only copied sensitive info from the company’s networks and then disappeared. Allianz Life has not given any indications that the attack was a ransomware attack. It is possible that the hackers were after a specific group of people served by Allianz Life. Many private organizations offer the company as a life insurance option. Allianz Life proudly markets itself as a leader in financial and retirement solutions. 

Allianz has just started notifying its customers and is offering free identity monitoring services for the victims. People, even if they are not included in this particular data breach, are advised to remain vigilant and practice proper password hygiene. Taking advantage of 2FA when possible is also strongly advisable. It is also essential for people to utilize the great tools offered by antivirus software companies. This tools prevent cyber criminals from even reaching their potential victims with fraudulent emails, text messages, or other means of communication. 

Continue reading: Integrating Password Managers with Other Tools