The July cyberattack on US-based insurance company Allianz Life has exposed the personal details of about 1.1 million customers, according to the data breach notification platform Have I Been Pwned.
Allianz Life first disclosed the breach in late July, confirming that hackers had gained access to customer and employee information from a cloud-based customer relationship database. Allianz Life admitted that the personal information of the “majority” of its 1.4 million customers was stolen, but has not revealed the exact number of people impacted.
Have I Been Pwned reported on Monday that the stolen database, hosted by cloud provider Salesforce, contained sensitive information including customer names, gender, dates of birth, email addresses, residential addresses, and phone numbers. Allianz later informed authorities in Texas and Massachusetts that Social Security numbers were also compromised in the incident.
The breach is believed to be the work of the hacking group ShinyHunters, which has recently targeted several technology and corporate giants. ShinyHunters are known for using social engineering methods to deceive employees and gain entry into internal systems.
Over the past few months, several major companies have reported similar incidents linked to Salesforce-hosted data. Victims include Google, Cisco, airline group Qantas, retailer Pandora, and human resources provider Workday, as reported by a common news source on Monday.
Investigators have also warned that ShinyHunters are preparing to publish the stolen data on a dedicated leak site unless the victims agree to pay. This form of extortion is commonly associated with ransomware operations. Reports suggest that ShinyHunters work closely with other cybercriminal organisations such as Scattered Spider and The Com, groups that use hacking, blackmail, and at times threats of violence to break into corporate networks.
The Allianz Life breach highlights the growing vulnerability of companies relying on third-party cloud platforms to store sensitive data, and the increasing sophistication of hacker groups exploiting these systems for financial gain.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
