According to notifications filed in several US and seen by TechCrunch, hackers who violated the lives of US insurance giant Allianz earlier this month stole a large number of clients' Social Security numbers.
Allianz Life revealed the violation last weekend on July 16, stolen personally identifiable information belonging to a “majority” of its 1.4 million customers, and confirmed that TechCrunch had stolen personally identifiable information belonging to financial experts and employees of Allianz Life.
The company said its customer relationship database was breached in a social engineering attack. This is a trick in which a malicious hacker uses deception tricks, such as impersonating an employee who claims he has lost his password and persuading the help desk to grant access to the system or network.
In a new filing to the Texas Attorney General, Allianz Life said the hackers stole their name, date of birth, postal address and Social Security number from the database. Another submission to the Massachusetts Attorney General's Office also confirmed that the Social Security number was taken for the violation.
When TechCrunch arrived, Allianz Life spokesman Brett Weinberg did not specify what kind of personal data was at risk for the violation, nor did the company say whether it still knows which data was still being retrieved.
The spokesman said Allianz's life is expected to begin notifying affected individuals by August 1.
“This letter provides specific information relating to the affected individual, including the type of data that may have been affected,” the spokesman added.
Allianz Life is the latest insurance company in recent weeks, including Aflac and Erie, as multiple hacking groups known for social engineering attacks bolster cyber attacks.
Do you know more about Allianz Life's cyberattacks? Are you an affected customer or an employee? Please contact this reporter securely via a message encrypted with Zackwhittaker.1337.