Hackers stole personal information of 1.1 million persons in salesforce data theft attack, which affected the US insurance giant Allianz Life in July.
Allians Life has around 2,000 employees in the United States and is a subsidiary of Allians SE, with over 128 million customers worldwide and rank as the 82nd largest company in the world based on revenue.
As the company revealed last month, information related to the “majority” of its 1.4 million customers was stolen by the attackers, who had access to a third-party cloud CRM system on 16 July.
While Eliyanz Life did not name the provider of the Cloud-based CRM system at the time of disclosure, the Blapping computer earlier stated that the breech was part of the wave of salesforce-targeted data theft attacks, which was forcibly associated with the recovery group.
Since the attack, Shinyhunters have leaked the stolen database from the company’s salesforce examples, including about 2.8 million data records for individual customers and business partners, including money management companies, financial advisors and brokers.
On Monday, Data Breach Notification Service has revealed the limit of this incident, stating that email addresses, names, gender, date of birth, phone number, and 1.1 million Allians were stolen during the physical addresses of the customers of life.
Bleepingcomputer has also confirmed with many people affected by the violation that their data in leaked files (including their tax ID, phone number, email address and other information) is accurate.
Many other high-profile companies worldwide were also dissolved in this campaign, including Google, Adidas, Qantas, Louis Witon, Dyer, Tiffany & Co.The channel, and, most recently, Human Resource Giants Workdays.
The attacks are believed to begin at the beginning of the year, in which the danger actors cheated employees in adding their company’s salesforce for example a malicious Oauth app. Once attached, the attackers downloaded and stole the company database, later used data to remove the victims via email.
The demands of these forced recovery were signed as coming from the shinoors, a famous forced recovery group, which has been associated with a string of high-profile violations over the years, including snowflake attacks and AT & T and Povers School.
A spokesperson of an Allianz Life did not immediately provide to confirm that I was approached by Bleepingcomputer before today.
The passwords broke in 46% of the atmosphere, almost doubled by 25% last year.
Picus Blue Report 2025 Now get a wider look at more conclusions on prevention, detection and data exfIs.
