A data breach at Allianz Life in July allowed hackers to access the personal information of 1.1 million customers, according to Have I Been Pwned.
Allianz Life reported the breach in late July, stating that hackers stole personal information from a cloud-based customer relationship database, affecting the “majority” of its 1.4 million customers and its employees, though the exact number of affected individuals has not been confirmed.
Have I Been Pwned, a data breach notification service, reported that the stolen information includes customers’ names, gender, date of birth, email and home addresses, and phone numbers, from a database hosted on Salesforce.
Allianz also informed Texas and Massachusetts authorities that Social Security numbers were compromised in the breach.
Brett Weinberg, a spokesperson for Allianz Life, declined to provide additional comments as the investigation is ongoing.
Allianz Life is among several companies recently targeted by the hacking group ShinyHunters, known for social engineering tactics to gain database access.
Other companies, including Google, Cisco, Qantas, Pandora, and Workday, have also reported breaches involving Salesforce-hosted data.
ShinyHunters is reportedly planning to create a data leak site to extort victims, a method commonly used by ransomware groups. This group is said to have connections with other cybercriminal organizations, such as Scattered Spider and The Com, known for hacking and extortion activities.
Help us improve TechCrunch by sharing your perspectives through our survey. Your feedback can also win you a prize!