Allianz Life has concluded its investigation into a July cyberattack and determined that the personal information of approximately 1,497,036 individuals was accessed by an unauthorized party, the company disclosed in breach notifications sent to affected customers, financial professionals and employees. The files stolen during the incident include names, mailing addresses, dates of birth and Social Security numbers, according to the notice distributed by the insurer.
The intrusion was discovered after a threat actor gained access to a third-party, cloud-based customer relationship management system used by Allianz Life. Company officials reported that the unauthorized access occurred on July 16, 2025, and that the attacker exfiltrated personal data stored in the affected CRM environment. In its notification, Allianz Life described the incident as the result of a malicious compromise of the cloud system rather than a breach of Allianz SE’s broader infrastructure; Allianz SE was not impacted, the company said.
“On July 16, 2025, a malicious threat actor gained access to a cloud-based system used by Allianz Life.”
Allianz Life said it has notified U.S. authorities and regulatory bodies and has made outreach to those individuals whose records were confirmed to be involved. The company also established a dedicated support line for impacted people and provided instructions about how to enroll in a two-year, no-cost identity-theft monitoring and assistance program administered by a third-party vendor. Enrollment instructions and deadlines were included with the breach notification letters distributed to recipients.
While public reporting after the incident initially suggested a lower tally of exposed records, Allianz Life’s formal assessment increased the figure substantially; the company’s final determination lists 1,497,036 total impacted people, a group that includes customers, financial professionals and a subset of employees. The insurer emphasized that the types of personal data exposed vary across records and that the investigation’s findings reflect the data elements the company could confirm were taken.
Independent data aggregators and breach-tracking services had earlier posted datasets and tallied impacted addresses, but Allianz Life’s review narrowed the scope of elements the insurer lists in its official notice to names, addresses, dates of birth and Social Security numbers. The company’s communications did not enumerate additional contact data such as phone numbers or email addresses in its primary list of compromised fields, while third-party compilations previously included such details in broader leaked datasets.
The breach traces to the CRM environment used by Allianz Life rather than to Allianz SE’s core systems; the American unit provides annuities and life insurance for more than 1.4 million Americans and said its parent company’s global systems were not affected. Company spokespeople told recipients of the notification that the incident stemmed from unauthorized access to the cloud CRM and that the actor obtained data stored within that platform.
Allianz Life has implemented containment and remediation measures since detecting the intrusion. Those steps include working with forensic investigators, notifying law enforcement, deploying enhanced monitoring across affected systems, and assembling a customer support team to respond to questions about the incident and the identity-protection services being offered. The insurer also advised recipients to remain vigilant for unsolicited communications and to consider placing credit freezes, enabling fraud alerts, and monitoring financial accounts for suspicious activity.
To mitigate the risk for impacted individuals, Allianz Life has arranged complimentary enrollment in identity-theft monitoring and recovery services for two years and provided guidance on how to use those protections. The company’s notice explains how eligible recipients can register for the service and how to contact the designated support staff for assistance with enrollment and account questions.
Legal and compliance observers say the incident may trigger regulatory scrutiny and potential inquiries from state attorneys general and federal regulators, given the scale of the exposure and the inclusion of Social Security numbers among the compromised elements. The company has already submitted formal breach filings to U.S. authorities and has cooperated with investigative requests, officials said.
Security professionals caution that exposures of Social Security numbers and dates of birth materially increase the risk of identity theft, tax fraud and account-opening abuse, and they recommend that impacted individuals adopt layered protections. Typical recommendations include monitoring credit reports, placing credit freezes or fraud alerts, enabling multifactor authentication on financial accounts, and using the identity-protection services offered by the insurer as an immediate mitigation step.
Allianz Life said it continues to evaluate the full scope of the incident and will update affected parties and regulators as further details become available. The insurer also reiterated that it has taken steps to reduce the chance of similar incidents in the future by hardening controls around third-party platforms, increasing monitoring, and reviewing access privileges for cloud services.
For assistance, impacted individuals are directed to the phone line and support resources included in their breach notification letters, which explain eligibility and enrollment procedures for the complimentary identity-protection service.
