Insurance company Eliyanz Life has confirmed that individual information for its 1.4 million customers’ majority “was exposed in a data violation occurred earlier this month.
“On July 16, 2025, a malicious danger actor achieved access to a third-party, cloud-based CRM system used by Elianz Life Insurance Company (Allianz Life) in North America,” a spokesperson of an Allians Life reported to the BlappingComer.
“Danger The actor was able to obtain individually identified data related to most customers, financial professionals, and Elianz Life employees, using a social engineering technique.
“We took immediate action to reduce and reduce the issue and inform the FBI. Based on our investigation, there is no evidence to access Elians Life Network or other company systems, including our policy administration system.”
“Our investigation is going on and we started the process of reaching the people affected by the dedicated resources to assist them. The incident is only related to the Allians Life, with currently 1.4 million customers.”
Allians Life is a US-based provider of annuity and life insurance for more than 1.4 million Americans. The company owned by the company owned by Elianz SE, headquartered in Germany, is serving more than 128 million customers.
The company first revealed the violation in a compulsory filing Office of Attorney General of Main On Saturday, issuing a placeholder notification alert of Breech.
The placeholder notification stated, “When Elianz has identified the affected persons, the consumer notice will be provided.”
While Alianz Life refused to answer questions about the danger actor and was he being thrown out, BlappingCoper learned that the attack was organized by the forced recovery group.
Shinyhunters are a group of danger actors, which are associated with many high-profile data violations and attacks, including powerscools and snowflake attacks, affecting Santnder, Ticketmaster, AT and T, Advance Auto Parts, Neemon Marcus and Sels.
While several bright members have been arrested over the years, including recent arrests in France, the hacking group continues to operate the attacks.
Last month, Mandient warned that Shinyhunters had started targeting salesforce customers in social engineering attacks.
During these attacks, hackers apply IT support personnel, accept a connection for salesforce data loaders from the targeted employee, a client application that allows users to import, export, update or remove data within the salesforce environment.
Once accepted the connection, the danger actor salesforce uses the data loader to exfiltrate data from the salesforce, which is then used to remove the company.
Bleepingcomputer asked Elianz Life whether the CRM was salesforce, but the spokesperson refused to comment.
Include emerging hazards in real time – before they affect your business.
Learn how cloud detection and response (CDR) gives security teams the required edge in this practical, no-nonsense guide.
