Allianz Life confirms data breach exposed Social Security numbers: "majority" of its 1.4M customers affected

On July 16, 2025, Allianz Life Insurance Company of North America experienced a significant data breach involving a third-party, cloud-based customer relationship management (CRM) system. According to the company, a malicious threat actor used a social engineering technique to gain unauthorized access to the CRM platform.

The breach was discovered the next day, July 17, 2025, at 12:17 PM CDT, when suspicious activity was detected within the system. Allianz Life terminated access exactly two hours later, at 2:17 PM CDT, to the compromised accounts and began an internal investigation.

Based on the information provided to state regulators and public statements, the threat actor was able to obtain personally identifiable information (PII) related to the majority of Allianz Life’s 1.4 million customers, financial professionals, and select employees.

The exposed data includes names, addresses, dates of birth and Social Security numbers. The cybersecurity incident impacted an estimated 1,497,036 Allianz Life customers. Affected individuals includes 115,898 Texas residents, 8,106 New Hampshire residents, 7,402 in Maine, 4,409 Montana residents and one in Massachusetts.

The breach was reported to several state attorney general offices, including Maine, Texas, Massachusetts, California, New Hampshire, Washington, Montana and Iowa.

Allianz Life Insurance Company of North America's response

Allianz Life responded quickly after discovering the breach. The company immediately terminated access to the affected CRM accounts and launched an internal investigation, supported by a leading cyber forensic consultant. They contacted the FBI and have been working with federal law enforcement throughout the process.

Additionally, Allianz Life temporarily shut down its secure customer and financial professional website over the weekend of July 19 and 20 to implement heightened security monitoring.

The company has also put in place stricter controls for payments and customer account changes, as well as enhanced analysis and authentication for any transactions initiated since the incident. Allianz Life is in the process of notifying affected individuals and is offering two years of complimentary identity monitoring services to those impacted.

Given the nature of the breach—where Social Security numbers, dates of birth and other sensitive PII were exposed—affected individuals should remain vigilant.

It is recommended to:

• Monitor credit reports regularly for any unauthorized activity
• Consider placing a fraud alert or credit freeze with major credit bureaus
• Be cautious of phishing emails or phone calls referencing Allianz Life or the breach
• Take advantage of the complimentary identity monitoring services being offered

The company’s investigation is ongoing and additional updates will be provided as more information becomes available.

For more information about the company, visit Allianz Life’s website.