1.4 million customers exposed in Allianz life insurance data breach — what to do now

News
By published

The personal information of almost all the company's customers has been exposed online

A data breach warning notification on a laptop
(Image credit: Shutterstock)

At least 1.4 million Americans have had their personal information exposed in a data breach that struck the Allianz Life Insurance Company of North America on July 16th. The hackers accessed customer data through a third-party, cloud-based customer relationship management (CRM) platform using social engineering techniques to break in, which is exactly how a string of similar data breaches affected other healthcare and insurance companies occurred.

Allianz discovered the breach on July 17, and according to reporting from Fox News, “took immediate action to contain and mitigate the issue,” including notifying federal law enforcement and the FBI. The breach does appear to have been limited to the U.S. branch of the company, and there does not appear to be any evidence that the Allianz Life network or any other company systems were accessed.

Allianz also hasn’t shared who might be behind the attack, and the threat actors responsible have not requested a ransom. Various cybersecurity experts have suggested that Scattered Spider may be responsible though.

The security issue has been patched at this time, and Allianz is continuing its investigation. It has begun to reach out to affected individuals in order to offer support; according to the letter filed with the Maine Attorney General’s office they will be offering free identity theft protection to impacted individuals for 24 months.

How to stay safe after a data breach

After a data breach ,the best way to protect yourself is by using one of the best identity theft protection services. However, in order to get access to the identity theft insurance and extra support these services provide, you need to sign up before falling victim to a data breach. The best antivirus software can also help protect you and your devices from malware and online threats.

It's awlays important to stay vigilant against phishing and social engineering attacks after a data breach, but you also want to carefully monitor your personal and financial accounts for suspicious activity. The best way to stay safe against phishing is to avoid clicking on any links, QR codes or attachments in an email or message from an unknown sender.

In order to protect yourself against most common social engineering attacks, it’s always best to be wary anytime you're approached through social media or by contacts offering opportunities that seem to good to be true. Be extra careful online, practice proper cyber hygiene and educate yourself about the latest online scams and cyberattacks, especially with back to school right around the corner.

We'll update this story when we hear more from Allianz regarding the types of data that were stolen and how many of its customers and employees are impacted. If you're information was exposed as a result of this breach though, you'll likely receive a data beach notification letter in the mail, so make sure you're actively checking your mailbox.

Follow Tom's Guide on Google News to get our up-to-date news, how-tos, and reviews in your feeds. Make sure to click the Follow button.

More from Tom's Guide

Amber Bouman
Amber Bouman
Senior Editor Security

Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps. 

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.